Introduction - Microsoft - Windows 10 version 1703 download

[MS-ADLS]: Active Directory Lightweight Directory Services SchemaIntellectual Property Rights Notice for Open Specifications DocumentationTechnical Documentation. Microsoft publishes Open Specifications documentation (“this documentation”) for protocols, file formats, data portability, computer languages, and standards support. Additionally, overview documents cover inter-protocol relationships and interactions. Copyrights. This documentation is covered by Microsoft copyrights. Regardless of any other terms that are contained in the terms of use for the Microsoft website that hosts this documentation, you can make copies of it in order to develop implementations of the technologies that are described in this documentation and can distribute portions of it in your implementations that use these technologies or in your documentation as necessary to properly document the implementation. You can also distribute in your implementation, with or without modification, any schemas, IDLs, or code samples that are included in the documentation. This permission also applies to any documents that are referenced in the Open Specifications documentation. No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation. Patents. Microsoft has patents that might cover your implementations of the technologies described in the Open Specifications documentation. Neither this notice nor Microsoft's delivery of this documentation grants any licenses under those patents or any other Microsoft patents. However, a given Open Specifications document might be covered by the Microsoft Open Specifications Promise or the Microsoft Community Promise. If you would prefer a written license, or if the technologies described in this documentation are not covered by the Open Specifications Promise or Community Promise, as applicable, patent licenses are available by contacting iplg@. License Programs. To see all of the protocols in scope under a specific license program and the associated patents, visit the Patent Map. Trademarks. The names of companies and products contained in this documentation might be covered by trademarks or similar intellectual property rights. This notice does not grant any licenses under those rights. For a list of Microsoft trademarks, visit trademarks. Fictitious Names. The example companies, organizations, products, domain names, email addresses, logos, people, places, and events that are depicted in this documentation are fictitious. No association with any real company, organization, product, domain name, email address, logo, person, place, or event is intended or should be inferred.Reservation of Rights. All other rights are reserved, and this notice does not grant any rights other than as specifically described above, whether by implication, estoppel, or otherwise. Tools. The Open Specifications documentation does not require the use of Microsoft programming tools or programming environments in order for you to develop an implementation. If you have access to Microsoft programming tools and environments, you are free to take advantage of them. Certain Open Specifications documents are intended for use in conjunction with publicly available standards specifications and network programming art and, as such, assume that the reader either is familiar with the aforementioned material or has immediate access to it.Support. For questions and support, please contact dochelp@. Revision SummaryDateRevision HistoryRevision ClassComments2/22/20070.01NewVersion 0.01 release6/1/20071.0MajorUpdated and revised the technical content.7/3/20071.0.1EditorialAdded missing description.7/20/20071.0.2EditorialChanged language and formatting in the technical content.8/10/20071.0.3EditorialChanged language and formatting in the technical content.9/28/20071.0.4EditorialChanged language and formatting in the technical content.10/23/20071.0.5EditorialChanged language and formatting in the technical content.11/30/20071.0.6EditorialChanged language and formatting in the technical content.1/25/20081.0.7EditorialChanged language and formatting in the technical content.3/14/20081.0.8EditorialChanged language and formatting in the technical content.5/16/20081.0.9EditorialChanged language and formatting in the technical content.6/20/20081.0.10EditorialChanged language and formatting in the technical content.7/25/20081.1MinorClarified the meaning of the technical content.8/29/20082.0MajorUpdated and revised the technical content.10/24/20083.0MajorUpdated and revised the technical content.12/5/20084.0MajorUpdated and revised the technical content.1/16/20094.0.1EditorialChanged language and formatting in the technical content.2/27/20094.0.2EditorialChanged language and formatting in the technical content.4/10/20094.0.3EditorialChanged language and formatting in the technical content.5/22/20095.0MajorUpdated and revised the technical content.7/2/20096.0MajorUpdated and revised the technical content.8/14/20096.0.1EditorialChanged language and formatting in the technical content.9/25/20097.0MajorUpdated and revised the technical content.11/6/20097.0.1EditorialChanged language and formatting in the technical content.12/18/20098.0MajorUpdated and revised the technical content.1/29/20109.0MajorUpdated and revised the technical content.3/12/201010.0MajorUpdated and revised the technical content.4/23/201011.0MajorUpdated and revised the technical content.6/4/201012.0MajorUpdated and revised the technical content.7/16/201012.0NoneNo changes to the meaning, language, or formatting of the technical content.8/27/201013.0MajorUpdated and revised the technical content.10/8/201014.0MajorUpdated and revised the technical content.11/19/201014.1MinorClarified the meaning of the technical content.1/7/201115.0MajorUpdated and revised the technical content.2/11/201115.0NoneNo changes to the meaning, language, or formatting of the technical content.3/25/201115.0NoneNo changes to the meaning, language, or formatting of the technical content.5/6/201115.1MinorClarified the meaning of the technical content.6/17/201115.2MinorClarified the meaning of the technical content.9/23/201115.3MinorClarified the meaning of the technical content.12/16/201116.0MajorUpdated and revised the technical content.3/30/201216.0NoneNo changes to the meaning, language, or formatting of the technical content.7/12/201216.0NoneNo changes to the meaning, language, or formatting of the technical content.10/25/201216.1MinorClarified the meaning of the technical content.1/31/201316.1NoneNo changes to the meaning, language, or formatting of the technical content.8/8/201317.0MajorUpdated and revised the technical content.11/14/201318.0MajorUpdated and revised the technical content.2/13/201418.0NoneNo changes to the meaning, language, or formatting of the technical content.5/15/201419.0MajorUpdated and revised the technical content.6/30/201519.1MinorClarified the meaning of the technical content.10/16/201519.1NoneNo changes to the meaning, language, or formatting of the technical content.7/14/201619.1NoneNo changes to the meaning, language, or formatting of the technical content.6/1/201720.0MajorSignificantly changed the technical content.9/15/201721.0MajorSignificantly changed the technical content.9/12/201821.1MinorClarified the meaning of the technical content.Table of ContentsTOC \o "1-9" \h \z1Introduction PAGEREF _Toc523394992 \h 131.1References PAGEREF _Toc523394993 \h 132Attributes PAGEREF _Toc523394994 \h 152.1Attribute accountExpires PAGEREF _Toc523394995 \h 152.2Attribute adminContextMenu PAGEREF _Toc523394996 \h 152.3Attribute adminDescription PAGEREF _Toc523394997 \h 152.4Attribute adminDisplayName PAGEREF _Toc523394998 \h 162.5Attribute adminMultiselectPropertyPages PAGEREF _Toc523394999 \h 162.6Attribute adminPropertyPages PAGEREF _Toc523395000 \h 162.7Attribute allowedAttributes PAGEREF _Toc523395001 \h 172.8Attribute allowedAttributesEffective PAGEREF _Toc523395002 \h 172.9Attribute allowedChildClasses PAGEREF _Toc523395003 \h 172.10Attribute allowedChildClassesEffective PAGEREF _Toc523395004 \h 182.11Attribute aNR PAGEREF _Toc523395005 \h 182.12Attribute appliesTo PAGEREF _Toc523395006 \h 182.13Attribute assistant PAGEREF _Toc523395007 \h 192.14Attribute attributeCertificateAttribute PAGEREF _Toc523395008 \h 192.15Attribute attributeDisplayNames PAGEREF _Toc523395009 \h 192.16Attribute attributeID PAGEREF _Toc523395010 \h 202.17Attribute attributeSecurityGUID PAGEREF _Toc523395011 \h 202.18Attribute attributeSyntax PAGEREF _Toc523395012 \h 202.19Attribute attributeTypes PAGEREF _Toc523395013 \h 202.20Attribute audio PAGEREF _Toc523395014 \h 212.21Attribute auxiliaryClass PAGEREF _Toc523395015 \h 212.22Attribute badPasswordTime PAGEREF _Toc523395016 \h 212.23Attribute badPwdCount PAGEREF _Toc523395017 \h 222.24Attribute bridgeheadServerListBL PAGEREF _Toc523395018 \h 222.25Attribute bridgeheadTransportList PAGEREF _Toc523395019 \h 222.26Attribute businessCategory PAGEREF _Toc523395020 \h 232.27Attribute c PAGEREF _Toc523395021 \h 232.28Attribute canonicalName PAGEREF _Toc523395022 \h 232.29Attribute carLicense PAGEREF _Toc523395023 \h 242.30Attribute classDisplayName PAGEREF _Toc523395024 \h 242.31Attribute cn PAGEREF _Toc523395025 \h 242.32Attribute co PAGEREF _Toc523395026 \h 252.33Attribute comment PAGEREF _Toc523395027 \h 252.34Attribute company PAGEREF _Toc523395028 \h 252.35Attribute configurationFile PAGEREF _Toc523395029 \h 262.36Attribute configurationFileGuid PAGEREF _Toc523395030 \h 262.37Attribute contextMenu PAGEREF _Toc523395031 \h 262.38Attribute cost PAGEREF _Toc523395032 \h 272.39Attribute countryCode PAGEREF _Toc523395033 \h 272.40Attribute createDialog PAGEREF _Toc523395034 \h 272.41Attribute createTimeStamp PAGEREF _Toc523395035 \h 272.42Attribute createWizardExt PAGEREF _Toc523395036 \h 282.43Attribute creationWizard PAGEREF _Toc523395037 \h 282.44Attribute dc PAGEREF _Toc523395038 \h 282.45Attribute defaultClassStore PAGEREF _Toc523395039 \h 292.46Attribute defaultGroup PAGEREF _Toc523395040 \h 292.47Attribute defaultHidingValue PAGEREF _Toc523395041 \h 292.48Attribute defaultObjectCategory PAGEREF _Toc523395042 \h 302.49Attribute defaultSecurityDescriptor PAGEREF _Toc523395043 \h 302.50Attribute department PAGEREF _Toc523395044 \h 302.51Attribute departmentNumber PAGEREF _Toc523395045 \h 302.52Attribute description PAGEREF _Toc523395046 \h 312.53Attribute desktopProfile PAGEREF _Toc523395047 \h 312.54Attribute destinationIndicator PAGEREF _Toc523395048 \h 312.55Attribute directReports PAGEREF _Toc523395049 \h 322.56Attribute displayName PAGEREF _Toc523395050 \h 322.57Attribute displayNamePrintable PAGEREF _Toc523395051 \h 332.58Attribute distinguishedName PAGEREF _Toc523395052 \h 332.59Attribute dITContentRules PAGEREF _Toc523395053 \h 332.60Attribute division PAGEREF _Toc523395054 \h 342.61Attribute dMDLocation PAGEREF _Toc523395055 \h 342.62Attribute dmdName PAGEREF _Toc523395056 \h 342.63Attribute dNSHostName PAGEREF _Toc523395057 \h 352.64Attribute dnsRoot PAGEREF _Toc523395058 \h 352.65Attribute dSASignature PAGEREF _Toc523395059 \h 352.66Attribute dSCorePropagationData PAGEREF _Toc523395060 \h 362.67Attribute dSHeuristics PAGEREF _Toc523395061 \h 362.68Attribute dSUIAdminMaximum PAGEREF _Toc523395062 \h 362.69Attribute dSUIAdminNotification PAGEREF _Toc523395063 \h 372.70Attribute dSUIShellMaximum PAGEREF _Toc523395064 \h 372.71Attribute dynamicLDAPServer PAGEREF _Toc523395065 \h 372.72Attribute employeeID PAGEREF _Toc523395066 \h 372.73Attribute employeeNumber PAGEREF _Toc523395067 \h 382.74Attribute employeeType PAGEREF _Toc523395068 \h 382.75Attribute Enabled PAGEREF _Toc523395069 \h 382.76Attribute enabledConnection PAGEREF _Toc523395070 \h 392.77Attribute entryTTL PAGEREF _Toc523395071 \h 392.78Attribute extendedAttributeInfo PAGEREF _Toc523395072 \h 392.79Attribute extendedCharsAllowed PAGEREF _Toc523395073 \h 402.80Attribute extendedClassInfo PAGEREF _Toc523395074 \h 402.81Attribute extensionName PAGEREF _Toc523395075 \h 402.82Attribute extraColumns PAGEREF _Toc523395076 \h 412.83Attribute facsimileTelephoneNumber PAGEREF _Toc523395077 \h 412.84Attribute fromEntry PAGEREF _Toc523395078 \h 412.85Attribute fromServer PAGEREF _Toc523395079 \h 422.86Attribute fSMORoleOwner PAGEREF _Toc523395080 \h 422.87Attribute garbageCollPeriod PAGEREF _Toc523395081 \h 422.88Attribute generatedConnection PAGEREF _Toc523395082 \h 432.89Attribute generationQualifier PAGEREF _Toc523395083 \h 432.90Attribute givenName PAGEREF _Toc523395084 \h 432.91Attribute governsID PAGEREF _Toc523395085 \h 442.92Attribute groupType PAGEREF _Toc523395086 \h 442.93Attribute hasMasterNCs PAGEREF _Toc523395087 \h 442.94Attribute hasPartialReplicaNCs PAGEREF _Toc523395088 \h 452.95Attribute homePhone PAGEREF _Toc523395089 \h 452.96Attribute homePostalAddress PAGEREF _Toc523395090 \h 452.97Attribute houseIdentifier PAGEREF _Toc523395091 \h 462.98Attribute iconPath PAGEREF _Toc523395092 \h 462.99Attribute initials PAGEREF _Toc523395093 \h 462.100Attribute instanceType PAGEREF _Toc523395094 \h 472.101Attribute internationalISDNNumber PAGEREF _Toc523395095 \h 472.102Attribute interSiteTopologyFailover PAGEREF _Toc523395096 \h 472.103Attribute interSiteTopologyGenerator PAGEREF _Toc523395097 \h 482.104Attribute interSiteTopologyRenew PAGEREF _Toc523395098 \h 482.105Attribute invocationId PAGEREF _Toc523395099 \h 482.106Attribute ipPhone PAGEREF _Toc523395100 \h 482.107Attribute isCriticalSystemObject PAGEREF _Toc523395101 \h 492.108Attribute isDefunct PAGEREF _Toc523395102 \h 492.109Attribute isDeleted PAGEREF _Toc523395103 \h 492.110Attribute isEphemeral PAGEREF _Toc523395104 \h 502.111Attribute isMemberOfPartialAttributeSet PAGEREF _Toc523395105 \h 502.112Attribute isRecycled PAGEREF _Toc523395106 \h 502.113Attribute isSingleValued PAGEREF _Toc523395107 \h 512.114Attribute jpegPhoto PAGEREF _Toc523395108 \h 512.115Attribute keywords PAGEREF _Toc523395109 \h 512.116Attribute l PAGEREF _Toc523395110 \h 522.117Attribute labeledURI PAGEREF _Toc523395111 \h 522.118Attribute lastAgedChange PAGEREF _Toc523395112 \h 522.119Attribute lastBackupRestorationTime PAGEREF _Toc523395113 \h 532.120Attribute lastKnownParent PAGEREF _Toc523395114 \h 532.121Attribute lastLogonTimestamp PAGEREF _Toc523395115 \h 532.122Attribute lDAPAdminLimits PAGEREF _Toc523395116 \h 532.123Attribute lDAPDisplayName PAGEREF _Toc523395117 \h 542.124Attribute lDAPIPDenyList PAGEREF _Toc523395118 \h 542.125Attribute linkID PAGEREF _Toc523395119 \h 542.126Attribute localizationDisplayId PAGEREF _Toc523395120 \h 552.127Attribute location PAGEREF _Toc523395121 \h 552.128Attribute lockoutTime PAGEREF _Toc523395122 \h 552.129Attribute mail PAGEREF _Toc523395123 \h 562.130Attribute mailAddress PAGEREF _Toc523395124 \h 562.131Attribute managedBy PAGEREF _Toc523395125 \h 562.132Attribute managedObjects PAGEREF _Toc523395126 \h 572.133Attribute manager PAGEREF _Toc523395127 \h 572.134Attribute masteredBy PAGEREF _Toc523395128 \h 572.135Attribute mayContain PAGEREF _Toc523395129 \h 582.136Attribute member PAGEREF _Toc523395130 \h 582.137Attribute memberOf PAGEREF _Toc523395131 \h 582.138Attribute middleName PAGEREF _Toc523395132 \h 592.139Attribute mobile PAGEREF _Toc523395133 \h 592.140Attribute modifyTimeStamp PAGEREF _Toc523395134 \h 592.141Attribute moveTreeState PAGEREF _Toc523395135 \h 602.142Attribute mS-DS-ConsistencyChildCount PAGEREF _Toc523395136 \h 602.143Attribute mS-DS-ConsistencyGuid PAGEREF _Toc523395137 \h 602.144Attribute mS-DS-ReplicatesNCReason PAGEREF _Toc523395138 \h 612.145Attribute ms-DS-UserAccountAutoLocked PAGEREF _Toc523395139 \h 612.146Attribute ms-DS-UserEncryptedTextPasswordAllowed PAGEREF _Toc523395140 \h 612.147Attribute ms-DS-UserPasswordNotRequired PAGEREF _Toc523395141 \h 622.148Attribute msDS-AllowedDNSSuffixes PAGEREF _Toc523395142 \h 622.149Attribute msDS-Approx-Immed-Subordinates PAGEREF _Toc523395143 \h 622.150Attribute msDS-Auxiliary-Classes PAGEREF _Toc523395144 \h 632.151Attribute msDS-AzApplicationData PAGEREF _Toc523395145 \h 632.152Attribute msDS-AzApplicationName PAGEREF _Toc523395146 \h 632.153Attribute msDS-AzApplicationVersion PAGEREF _Toc523395147 \h 642.154Attribute msDS-AzBizRule PAGEREF _Toc523395148 \h 642.155Attribute msDS-AzBizRuleLanguage PAGEREF _Toc523395149 \h 642.156Attribute msDS-AzClassId PAGEREF _Toc523395150 \h 652.157Attribute msDS-AzDomainTimeout PAGEREF _Toc523395151 \h 652.158Attribute msDS-AzGenerateAudits PAGEREF _Toc523395152 \h 652.159Attribute msDS-AzGenericData PAGEREF _Toc523395153 \h 652.160Attribute msDS-AzLastImportedBizRulePath PAGEREF _Toc523395154 \h 662.161Attribute msDS-AzLDAPQuery PAGEREF _Toc523395155 \h 662.162Attribute msDS-AzMajorVersion PAGEREF _Toc523395156 \h 662.163Attribute msDS-AzMinorVersion PAGEREF _Toc523395157 \h 672.164Attribute msDS-AzObjectGuid PAGEREF _Toc523395158 \h 672.165Attribute msDS-AzOperationID PAGEREF _Toc523395159 \h 672.166Attribute msDS-AzScopeName PAGEREF _Toc523395160 \h 682.167Attribute msDS-AzScriptEngineCacheMax PAGEREF _Toc523395161 \h 682.168Attribute msDS-AzScriptTimeout PAGEREF _Toc523395162 \h 682.169Attribute msDS-AzTaskIsRoleDefinition PAGEREF _Toc523395163 \h 692.170Attribute msDS-Behavior-Version PAGEREF _Toc523395164 \h 692.171Attribute msDS-BridgeHeadServersUsed PAGEREF _Toc523395165 \h 692.172Attribute msDS-DefaultNamingContext PAGEREF _Toc523395166 \h 702.173Attribute msDS-DefaultNamingContextBL PAGEREF _Toc523395167 \h 702.174Attribute msDS-DefaultQuota PAGEREF _Toc523395168 \h 702.175Attribute msDS-DeletedObjectLifetime PAGEREF _Toc523395169 \h 712.176Attribute msDS-DisableForInstances PAGEREF _Toc523395170 \h 712.177Attribute msDS-DisableForInstancesBL PAGEREF _Toc523395171 \h 712.178Attribute msDS-DnsRootAlias PAGEREF _Toc523395172 \h 722.179Attribute msDS-EnabledFeature PAGEREF _Toc523395173 \h 722.180Attribute msDS-EnabledFeatureBL PAGEREF _Toc523395174 \h 722.181Attribute msDS-Entry-Time-To-Die PAGEREF _Toc523395175 \h 732.182Attribute msDS-ExecuteScriptPassword PAGEREF _Toc523395176 \h 732.183Attribute msDS-FilterContainers PAGEREF _Toc523395177 \h 732.184Attribute msDS-HasDomainNCs PAGEREF _Toc523395178 \h 742.185Attribute msDS-HasInstantiatedNCs PAGEREF _Toc523395179 \h 742.186Attribute msDS-hasMasterNCs PAGEREF _Toc523395180 \h 742.187Attribute msDS-IntId PAGEREF _Toc523395181 \h 752.188Attribute msds-memberOfTransitive PAGEREF _Toc523395182 \h 752.189Attribute msds-memberTransitive PAGEREF _Toc523395183 \h 752.190Attribute msDS-LastKnownRDN PAGEREF _Toc523395184 \h 762.191Attribute msDS-LocalEffectiveDeletionTime PAGEREF _Toc523395185 \h 762.192Attribute msDS-LocalEffectiveRecycleTime PAGEREF _Toc523395186 \h 762.193Attribute msDs-masteredBy PAGEREF _Toc523395187 \h 762.194Attribute msDS-MembersForAzRole PAGEREF _Toc523395188 \h 772.195Attribute msDS-MembersForAzRoleBL PAGEREF _Toc523395189 \h 772.196Attribute msDS-NC-Replica-Locations PAGEREF _Toc523395190 \h 772.197Attribute msDS-NCReplCursors PAGEREF _Toc523395191 \h 782.198Attribute msDS-NCReplInboundNeighbors PAGEREF _Toc523395192 \h 782.199Attribute msDS-NCReplOutboundNeighbors PAGEREF _Toc523395193 \h 782.200Attribute msDS-Non-Security-Group-Extra-Classes PAGEREF _Toc523395194 \h 792.201Attribute msDS-NonMembers PAGEREF _Toc523395195 \h 792.202Attribute msDS-NonMembersBL PAGEREF _Toc523395196 \h 792.203Attribute msDS-OperationsForAzRole PAGEREF _Toc523395197 \h 802.204Attribute msDS-OperationsForAzRoleBL PAGEREF _Toc523395198 \h 802.205Attribute msDS-OperationsForAzTask PAGEREF _Toc523395199 \h 802.206Attribute msDS-OperationsForAzTaskBL PAGEREF _Toc523395200 \h 812.207Attribute msDS-OptionalFeatureFlags PAGEREF _Toc523395201 \h 812.208Attribute msDS-OptionalFeatureGUID PAGEREF _Toc523395202 \h 812.209Attribute msDS-Other-Settings PAGEREF _Toc523395203 \h 822.210Attribute msDS-parentdistname PAGEREF _Toc523395204 \h 822.211Attribute msDS-PortLDAP PAGEREF _Toc523395205 \h 822.212Attribute msDS-PortSSL PAGEREF _Toc523395206 \h 832.213Attribute msDS-Preferred-GC-Site PAGEREF _Toc523395207 \h 832.214Attribute msDS-PrincipalName PAGEREF _Toc523395208 \h 832.215Attribute msDS-QuotaAmount PAGEREF _Toc523395209 \h 842.216Attribute msDS-QuotaEffective PAGEREF _Toc523395210 \h 842.217Attribute msDS-QuotaTrustee PAGEREF _Toc523395211 \h 842.218Attribute msDS-QuotaUsed PAGEREF _Toc523395212 \h 852.219Attribute msDS-ReplAttributeMetaData PAGEREF _Toc523395213 \h 852.220Attribute msDS-ReplAuthenticationMode PAGEREF _Toc523395214 \h 852.221Attribute msDS-Replication-Notify-First-DSA-Delay PAGEREF _Toc523395215 \h 862.222Attribute msDS-Replication-Notify-Subsequent-DSA-Delay PAGEREF _Toc523395216 \h 862.223Attribute msDS-ReplicationEpoch PAGEREF _Toc523395217 \h 862.224Attribute msDS-ReplValueMetaData PAGEREF _Toc523395218 \h 862.225Attribute msDS-ReplValueMetaDataExt PAGEREF _Toc523395219 \h 872.226Attribute msDS-RequiredDomainBehaviorVersion PAGEREF _Toc523395220 \h 872.227Attribute msDS-RequiredForestBehaviorVersion PAGEREF _Toc523395221 \h 872.228Attribute msDS-RetiredReplNCSignatures PAGEREF _Toc523395222 \h 882.229Attribute msDs-Schema-Extensions PAGEREF _Toc523395223 \h 882.230Attribute msDS-SCPContainer PAGEREF _Toc523395224 \h 882.231Attribute msDS-SDReferenceDomain PAGEREF _Toc523395225 \h 892.232Attribute msDS-Security-Group-Extra-Classes PAGEREF _Toc523395226 \h 892.233Attribute msDS-ServiceAccount PAGEREF _Toc523395227 \h 892.234Attribute msDS-ServiceAccountBL PAGEREF _Toc523395228 \h 902.235Attribute msDS-ServiceAccountDNSDomain PAGEREF _Toc523395229 \h 902.236Attribute msDS-Settings PAGEREF _Toc523395230 \h 902.237Attribute msDS-TasksForAzRole PAGEREF _Toc523395231 \h 912.238Attribute msDS-TasksForAzRoleBL PAGEREF _Toc523395232 \h 912.239Attribute msDS-TasksForAzTask PAGEREF _Toc523395233 \h 912.240Attribute msDS-TasksForAzTaskBL PAGEREF _Toc523395234 \h 922.241Attribute msDS-TombstoneQuotaFactor PAGEREF _Toc523395235 \h 922.242Attribute msDS-TopQuotaUsage PAGEREF _Toc523395236 \h 922.243Attribute msDS-UpdateScript PAGEREF _Toc523395237 \h 932.244Attribute msDS-User-Account-Control-Computed PAGEREF _Toc523395238 \h 932.245Attribute msDS-UserAccountDisabled PAGEREF _Toc523395239 \h 932.246Attribute msDS-UserDontExpirePassword PAGEREF _Toc523395240 \h 932.247Attribute msDS-UserPasswordExpired PAGEREF _Toc523395241 \h 942.248Attribute msDS-USNLastSyncSuccess PAGEREF _Toc523395242 \h 942.249Attribute mustContain PAGEREF _Toc523395243 \h 942.250Attribute name PAGEREF _Toc523395244 \h 952.251Attribute nCName PAGEREF _Toc523395245 \h 952.252Attribute nETBIOSName PAGEREF _Toc523395246 \h 952.253Attribute networkAddress PAGEREF _Toc523395247 \h 962.254Attribute nonIndexedMetadata PAGEREF _Toc523395248 \h 962.255Attribute notificationList PAGEREF _Toc523395249 \h 962.256Attribute ntPwdHistory PAGEREF _Toc523395250 \h 972.257Attribute nTSecurityDescriptor PAGEREF _Toc523395251 \h 972.258Attribute o PAGEREF _Toc523395252 \h 972.259Attribute objectCategory PAGEREF _Toc523395253 \h 982.260Attribute objectClass PAGEREF _Toc523395254 \h 982.261Attribute objectClassCategory PAGEREF _Toc523395255 \h 982.262Attribute objectClasses PAGEREF _Toc523395256 \h 992.263Attribute objectGUID PAGEREF _Toc523395257 \h 992.264Attribute objectSid PAGEREF _Toc523395258 \h 992.265Attribute objectVersion PAGEREF _Toc523395259 \h 1002.266Attribute oMObjectClass PAGEREF _Toc523395260 \h 1002.267Attribute oMSyntax PAGEREF _Toc523395261 \h 1002.268Attribute options PAGEREF _Toc523395262 \h 1012.269Attribute otherFacsimileTelephoneNumber PAGEREF _Toc523395263 \h 1012.270Attribute otherHomePhone PAGEREF _Toc523395264 \h 1012.271Attribute otherIpPhone PAGEREF _Toc523395265 \h 1022.272Attribute otherMobile PAGEREF _Toc523395266 \h 1022.273Attribute otherPager PAGEREF _Toc523395267 \h 1022.274Attribute otherTelephone PAGEREF _Toc523395268 \h 1032.275Attribute otherWellKnownObjects PAGEREF _Toc523395269 \h 1032.276Attribute ou PAGEREF _Toc523395270 \h 1032.277Attribute owner PAGEREF _Toc523395271 \h 1042.278Attribute ownerBL PAGEREF _Toc523395272 \h 1042.279Attribute pager PAGEREF _Toc523395273 \h 1042.280Attribute parentGUID PAGEREF _Toc523395274 \h 1052.281Attribute partialAttributeDeletionList PAGEREF _Toc523395275 \h 1052.282Attribute partialAttributeSet PAGEREF _Toc523395276 \h 1052.283Attribute pekList PAGEREF _Toc523395277 \h 1062.284Attribute personalTitle PAGEREF _Toc523395278 \h 1062.285Attribute photo PAGEREF _Toc523395279 \h 1062.286Attribute physicalDeliveryOfficeName PAGEREF _Toc523395280 \h 1072.287Attribute possibleInferiors PAGEREF _Toc523395281 \h 1072.288Attribute possSuperiors PAGEREF _Toc523395282 \h 1072.289Attribute postalAddress PAGEREF _Toc523395283 \h 1082.290Attribute postalCode PAGEREF _Toc523395284 \h 1082.291Attribute postOfficeBox PAGEREF _Toc523395285 \h 1082.292Attribute preferredDeliveryMethod PAGEREF _Toc523395286 \h 1092.293Attribute preferredLanguage PAGEREF _Toc523395287 \h 1092.294Attribute preferredOU PAGEREF _Toc523395288 \h 1092.295Attribute prefixMap PAGEREF _Toc523395289 \h 1102.296Attribute primaryGroupToken PAGEREF _Toc523395290 \h 1102.297Attribute primaryInternationalISDNNumber PAGEREF _Toc523395291 \h 1102.298Attribute primaryTelexNumber PAGEREF _Toc523395292 \h 1102.299Attribute proxiedObjectName PAGEREF _Toc523395293 \h 1112.300Attribute proxyAddresses PAGEREF _Toc523395294 \h 1112.301Attribute pwdLastSet PAGEREF _Toc523395295 \h 1122.302Attribute queryFilter PAGEREF _Toc523395296 \h 1122.303Attribute queryPolicyBL PAGEREF _Toc523395297 \h 1122.304Attribute queryPolicyObject PAGEREF _Toc523395298 \h 1122.305Attribute rangeLower PAGEREF _Toc523395299 \h 1132.306Attribute rangeUpper PAGEREF _Toc523395300 \h 1132.307Attribute rDNAttID PAGEREF _Toc523395301 \h 1132.308Attribute registeredAddress PAGEREF _Toc523395302 \h 1142.309Attribute replInterval PAGEREF _Toc523395303 \h 1142.310Attribute replPropertyMetaData PAGEREF _Toc523395304 \h 1142.311Attribute replTopologyStayOfExecution PAGEREF _Toc523395305 \h 1152.312Attribute replUpToDateVector PAGEREF _Toc523395306 \h 1152.313Attribute repsFrom PAGEREF _Toc523395307 \h 1152.314Attribute repsTo PAGEREF _Toc523395308 \h 1162.315Attribute retiredReplDSASignatures PAGEREF _Toc523395309 \h 1162.316Attribute revision PAGEREF _Toc523395310 \h 1162.317Attribute rightsGuid PAGEREF _Toc523395311 \h 1172.318Attribute roomNumber PAGEREF _Toc523395312 \h 1172.319Attribute rootTrust PAGEREF _Toc523395313 \h 1172.320Attribute schedule PAGEREF _Toc523395314 \h 1182.321Attribute schemaFlagsEx PAGEREF _Toc523395315 \h 1182.322Attribute schemaIDGUID PAGEREF _Toc523395316 \h 1182.323Attribute schemaInfo PAGEREF _Toc523395317 \h 1192.324Attribute schemaUpdate PAGEREF _Toc523395318 \h 1192.325Attribute schemaVersion PAGEREF _Toc523395319 \h 1192.326Attribute scopeFlags PAGEREF _Toc523395320 \h 1202.327Attribute sDRightsEffective PAGEREF _Toc523395321 \h 1202.328Attribute searchFlags PAGEREF _Toc523395322 \h 1202.329Attribute searchGuide PAGEREF _Toc523395323 \h 1212.330Attribute secretary PAGEREF _Toc523395324 \h 1212.331Attribute seeAlso PAGEREF _Toc523395325 \h 1212.332Attribute serialNumber PAGEREF _Toc523395326 \h 1222.333Attribute serverReference PAGEREF _Toc523395327 \h 1222.334Attribute serverReferenceBL PAGEREF _Toc523395328 \h 1222.335Attribute shellContextMenu PAGEREF _Toc523395329 \h 1232.336Attribute shellPropertyPages PAGEREF _Toc523395330 \h 1232.337Attribute showInAdvancedViewOnly PAGEREF _Toc523395331 \h 1232.338Attribute siteLinkList PAGEREF _Toc523395332 \h 1242.339Attribute siteList PAGEREF _Toc523395333 \h 1242.340Attribute siteObject PAGEREF _Toc523395334 \h 1242.341Attribute siteObjectBL PAGEREF _Toc523395335 \h 1252.342Attribute siteServer PAGEREF _Toc523395336 \h 1252.343Attribute sn PAGEREF _Toc523395337 \h 1252.344Attribute sourceObjectGuid PAGEREF _Toc523395338 \h 1262.345Attribute st PAGEREF _Toc523395339 \h 1262.346Attribute street PAGEREF _Toc523395340 \h 1262.347Attribute streetAddress PAGEREF _Toc523395341 \h 1272.348Attribute structuralObjectClass PAGEREF _Toc523395342 \h 1272.349Attribute subClassOf PAGEREF _Toc523395343 \h 1272.350Attribute subRefs PAGEREF _Toc523395344 \h 1272.351Attribute subSchemaSubEntry PAGEREF _Toc523395345 \h 1282.352Attribute superiorDNSRoot PAGEREF _Toc523395346 \h 1282.353Attribute supplementalCredentials PAGEREF _Toc523395347 \h 1282.354Attribute systemAuxiliaryClass PAGEREF _Toc523395348 \h 1292.355Attribute systemFlags PAGEREF _Toc523395349 \h 1292.356Attribute systemMayContain PAGEREF _Toc523395350 \h 1292.357Attribute systemMustContain PAGEREF _Toc523395351 \h 1302.358Attribute systemOnly PAGEREF _Toc523395352 \h 1302.359Attribute systemPossSuperiors PAGEREF _Toc523395353 \h 1302.360Attribute telephoneNumber PAGEREF _Toc523395354 \h 1312.361Attribute teletexTerminalIdentifier PAGEREF _Toc523395355 \h 1312.362Attribute telexNumber PAGEREF _Toc523395356 \h 1312.363Attribute thumbnailLogo PAGEREF _Toc523395357 \h 1322.364Attribute thumbnailPhoto PAGEREF _Toc523395358 \h 1322.365Attribute title PAGEREF _Toc523395359 \h 1322.366Attribute tokenGroups PAGEREF _Toc523395360 \h 1332.367Attribute tombstoneLifetime PAGEREF _Toc523395361 \h 1332.368Attribute transportAddressAttribute PAGEREF _Toc523395362 \h 1332.369Attribute transportDLLName PAGEREF _Toc523395363 \h 1342.370Attribute transportType PAGEREF _Toc523395364 \h 1342.371Attribute treatAsLeaf PAGEREF _Toc523395365 \h 1342.372Attribute trustParent PAGEREF _Toc523395366 \h 1352.373Attribute uid PAGEREF _Toc523395367 \h 1352.374Attribute unicodePwd PAGEREF _Toc523395368 \h 1352.375Attribute uPNSuffixes PAGEREF _Toc523395369 \h 1362.376Attribute url PAGEREF _Toc523395370 \h 1362.377Attribute userCertificate PAGEREF _Toc523395371 \h 1362.378Attribute userParameters PAGEREF _Toc523395372 \h 1372.379Attribute userPassword PAGEREF _Toc523395373 \h 1372.380Attribute userPKCS12 PAGEREF _Toc523395374 \h 1372.381Attribute userPrincipalName PAGEREF _Toc523395375 \h 1382.382Attribute userSMIMECertificate PAGEREF _Toc523395376 \h 1382.383Attribute uSNChanged PAGEREF _Toc523395377 \h 1382.384Attribute uSNCreated PAGEREF _Toc523395378 \h 1392.385Attribute uSNDSALastObjRemoved PAGEREF _Toc523395379 \h 1392.386Attribute USNIntersite PAGEREF _Toc523395380 \h 1392.387Attribute uSNLastObjRem PAGEREF _Toc523395381 \h 1402.388Attribute uSNSource PAGEREF _Toc523395382 \h 1402.389Attribute validAccesses PAGEREF _Toc523395383 \h 1402.390Attribute wbemPath PAGEREF _Toc523395384 \h 1412.391Attribute wellKnownObjects PAGEREF _Toc523395385 \h 1412.392Attribute whenChanged PAGEREF _Toc523395386 \h 1412.393Attribute whenCreated PAGEREF _Toc523395387 \h 1422.394Attribute wWWHomePage PAGEREF _Toc523395388 \h 1422.395Attribute x121Address PAGEREF _Toc523395389 \h 1422.396Attribute x500uniqueIdentifier PAGEREF _Toc523395390 \h 1433Classes PAGEREF _Toc523395391 \h 1443.1Class applicationSettings PAGEREF _Toc523395392 \h 1443.2Class applicationSiteSettings PAGEREF _Toc523395393 \h 1443.3Class attributeSchema PAGEREF _Toc523395394 \h 1443.4Class classSchema PAGEREF _Toc523395395 \h 1453.5Class configuration PAGEREF _Toc523395396 \h 1453.6Class container PAGEREF _Toc523395397 \h 1463.7Class controlAccessRight PAGEREF _Toc523395398 \h 1463.8Class country PAGEREF _Toc523395399 \h 1463.9Class crossRef PAGEREF _Toc523395400 \h 1473.10Class crossRefContainer PAGEREF _Toc523395401 \h 1473.11Class displaySpecifier PAGEREF _Toc523395402 \h 1483.12Class dMD PAGEREF _Toc523395403 \h 1483.13Class domain PAGEREF _Toc523395404 \h 1483.14Class domainDNS PAGEREF _Toc523395405 \h 1493.15Class dSUISettings PAGEREF _Toc523395406 \h 1493.16Class dynamicObject PAGEREF _Toc523395407 \h 1503.17Class foreignSecurityPrincipal PAGEREF _Toc523395408 \h 1503.18Class group PAGEREF _Toc523395409 \h 1503.19Class groupOfNames PAGEREF _Toc523395410 \h 1513.20Class inetOrgPerson PAGEREF _Toc523395411 \h 1513.21Class interSiteTransport PAGEREF _Toc523395412 \h 1523.22Class interSiteTransportContainer PAGEREF _Toc523395413 \h 1523.23Class leaf PAGEREF _Toc523395414 \h 1523.24Class locality PAGEREF _Toc523395415 \h 1533.25Class lostAndFound PAGEREF _Toc523395416 \h 1533.26Class msDS-AzAdminManager PAGEREF _Toc523395417 \h 1533.27Class msDS-AzApplication PAGEREF _Toc523395418 \h 1543.28Class msDS-AzOperation PAGEREF _Toc523395419 \h 1543.29Class msDS-AzRole PAGEREF _Toc523395420 \h 1553.30Class msDS-AzScope PAGEREF _Toc523395421 \h 1553.31Class msDS-AzTask PAGEREF _Toc523395422 \h 1553.32Class msDS-BindableObject PAGEREF _Toc523395423 \h 1563.33Class msDS-BindProxy PAGEREF _Toc523395424 \h 1563.34Class msDS-OptionalFeature PAGEREF _Toc523395425 \h 1573.35Class msDS-QuotaContainer PAGEREF _Toc523395426 \h 1573.36Class msDS-QuotaControl PAGEREF _Toc523395427 \h 1573.37Class msDS-ServiceConnectionPointPublicationService PAGEREF _Toc523395428 \h 1583.38Class nTDSConnection PAGEREF _Toc523395429 \h 1583.39Class nTDSDSA PAGEREF _Toc523395430 \h 1583.40Class nTDSService PAGEREF _Toc523395431 \h 1593.41Class nTDSSiteSettings PAGEREF _Toc523395432 \h 1593.42Class organizationalPerson PAGEREF _Toc523395433 \h 1603.43Class organization PAGEREF _Toc523395434 \h 1603.44Class organizationalUnit PAGEREF _Toc523395435 \h 1613.45Class person PAGEREF _Toc523395436 \h 1613.46Class queryPolicy PAGEREF _Toc523395437 \h 1623.47Class securityPrincipal PAGEREF _Toc523395438 \h 1623.48Class server PAGEREF _Toc523395439 \h 1623.49Class serversContainer PAGEREF _Toc523395440 \h 1633.50Class site PAGEREF _Toc523395441 \h 1633.51Class siteLink PAGEREF _Toc523395442 \h 1633.52Class siteLinkBridge PAGEREF _Toc523395443 \h 1643.53Class sitesContainer PAGEREF _Toc523395444 \h 1643.54Class subnet PAGEREF _Toc523395445 \h 1643.55Class subnetContainer PAGEREF _Toc523395446 \h 1653.56Class subSchema PAGEREF _Toc523395447 \h 1653.57Class syncEngineAuxConfiguration PAGEREF _Toc523395448 \h 1653.58Class syncEngineAuxObject PAGEREF _Toc523395449 \h 1663.59Class top PAGEREF _Toc523395450 \h 1663.60Class userProxy PAGEREF _Toc523395451 \h 1673.61Class userProxyFull PAGEREF _Toc523395452 \h 1673.62Class user PAGEREF _Toc523395453 \h 1684Change Tracking PAGEREF _Toc523395454 \h 1695Index PAGEREF _Toc523395455 \h 170Introduction XE "Introduction" Active Directory Lightweight Directory Services Schema contains a list of the objects that exist in the Active Directory Lightweight Directory Services (AD LDS) schema. Active Directory and all associated terms and concepts are described in [MS-ADTS].Note: This document is not intended to stand on its own; it is intended to act as an appendix to the Active Directory Technical Specification. For details about the AD LDS schema, see [MS-ADTS] section 3.1.1.2 (Active Directory Schema).Note: The object definitions in this document are also available for download in LDAP Data Interchange Format (LDIF) at the following location: [MSFT-ADSCHEMA].Note: The object definitions in this document contain information about the product in which the objects were first implemented in the AD LDS schema. Unless otherwise specified, objects continue to be available in the AD LDS schema in all subsequent versions of the product according to the list of products in [MS-ADTS] section 1 and according to the information about AD LDS for Windows Client operating systems in [MS-ADTS] section 1.References[JFIF] Hamilton, E., "JPEG File Interchange Format, Version 1.02", September 1992, [MS-ADOD] Microsoft Corporation, "Active Directory Protocols Overview".[MS-ADTS] Microsoft Corporation, "Active Directory Technical Specification".[MS-DTYP] Microsoft Corporation, "Windows Data Types".[MSDN-ExtUserIntDirObj] Microsoft Corporation, "Extending the User Interface for Directory Objects", [MSDN-GroupType] Microsoft Corporation, "Group-Type", [MSFT-ADSCHEMA] Microsoft Corporation, "Combined Active Directory Schema Classes and Attributes for Windows Server", December 2013, [RFC2251] Wahl, M., Howes, T., and Kille, S., "Lightweight Directory Access Protocol (v3)", RFC 2251, December 1997, [RFC2849] Good, G., "The LDAP Data Interchange Format (LDIF) - Technical Specification", RFC 2849, June 2000, [RFC3280] Housley, R., Polk, W., Ford, W., and Solo, D., "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 3280, April 2002, [RFC822] Crocker, D.H., "Standard for ARPA Internet Text Messages", STD 11, RFC 822, August 1982, [X121] ITU-T, "Public data networks - Network aspects - International numbering plan for public data networks", Recommendation X.121, October 2000, [X500] ITU-T, "Information Technology - Open Systems Interconnection - The Directory: Overview of Concepts, Models and Services", Recommendation X.500, August 2005, There is a charge to download the specification.Attributes XE "Schema - Active Directory Lightweight Directory Services:attributes" XE "Attributes" XE "Active Directory Lightweight Directory Services attributes"The following sections specify the attributes in the Active Directory Lightweight Directory Services schema.These sections normatively specify the schema definition of each attribute and version-specific behavior of those schema definitions (such as when the attribute was added to the schema). Additionally, as an aid to the reader some of the sections include informative notes about how the attribute can be used.Note:?Lines of text in the attribute definitions that are excessively long have been "folded" in accordance with [RFC2849] Note 2.Attribute accountExpiresThis attribute specifies the date when an account expires. This value represents the number of 100-nanosecond intervals since January 1, 1601, Coordinated Universal Time (Greenwich Mean Time). A value of 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807) indicates that the account never : Account-ExpiresldapDisplayName: accountExpiresattributeId: 1.2.840.113556.1.4.159attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: bf967915-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPYattributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on Active Directory Application Mode (ADAM) and Windows Server 2008 operating system.Attribute adminContextMenuThis attribute specifies the order number and globally unique identifier (GUID) of the context menu to be used on administration screens. GUID is defined in [MS-DTYP] section 2.3.: Admin-Context-MenuldapDisplayName: adminContextMenuattributeId: 1.2.840.113556.1.4.614attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 553fd038-f32e-11d0-b0bc-00c04fd8dca6systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute adminDescriptionThis attribute specifies the description displayed on administration : Admin-DescriptionldapDisplayName: adminDescriptionattributeId: 1.2.840.113556.1.2.226attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967919-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 1024attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cfsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute adminDisplayNameThis attribute specifies the name displayed on administration : Admin-Display-NameldapDisplayName: adminDisplayNameattributeId: 1.2.840.113556.1.2.194attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf96791a-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 256systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute adminMultiselectPropertyPagesA multivalued attribute whose values are a number representing the order in which the pages are added and a GUID of a component object model (COM) object that implements multiselect property pages for the Active Directory Users and Computers snap-: Admin-Multiselect-Property-PagesldapDisplayName: adminMultiselectPropertyPagesattributeId: 1.2.840.113556.1.4.1690attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 18f9b67d-5ac6-4b3b-97db-d0a406afb7basystemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute adminPropertyPagesThis attribute specifies the order number and GUID of the property pages for an object to be displayed on Active Directory administration screens. For more information, see the document "Extending the User Interface for Directory Objects" [MSDN-ExtUserIntDirObj].cn: Admin-Property-PagesldapDisplayName: adminPropertyPagesattributeId: 1.2.840.113556.1.4.562attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 52458038-ca6a-11d0-afff-0000f80367c1systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute allowedAttributesThis attribute specifies attributes that are permitted to be assigned to a : Allowed-AttributesldapDisplayName: allowedAttributesattributeId: 1.2.840.113556.1.4.913attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: 9a7ad940-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute allowedAttributesEffectiveThis attribute specifies a list of attributes that can be modified on the : Allowed-Attributes-EffectiveldapDisplayName: allowedAttributesEffectiveattributeId: 1.2.840.113556.1.4.914attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: 9a7ad941-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute allowedChildClassesThis attribute specifies classes that can be contained by a : Allowed-Child-ClassesldapDisplayName: allowedChildClassesattributeId: 1.2.840.113556.1.4.911attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: 9a7ad942-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute allowedChildClassesEffectiveThis attribute specifies a list of classes that can be : Allowed-Child-Classes-EffectiveldapDisplayName: allowedChildClassesEffectiveattributeId: 1.2.840.113556.1.4.912attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: 9a7ad943-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute aNRThis attribute specifies whether ambiguous name resolution is to be used when choosing between : ANRldapDisplayName: aNRattributeId: 1.2.840.113556.1.4.1208attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 45b01500-c419-11d1-bbc9-0080c76670c0systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute appliesToThis attribute contains the list of object classes that the extended right applies to. In the list, an object class is represented by the schemaIDGUID property for its schemaClass : Applies-ToldapDisplayName: appliesToattributeId: 1.2.840.113556.1.4.341attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 8297931d-86d3-11d0-afda-00c04fd930c9systemOnly: FALSEsearchFlags: 0rangeLower: 36rangeUpper: 36systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute assistantThis attribute specifies the distinguished name (DN) of a user's administrative : AssistantldapDisplayName: assistantattributeId: 1.2.840.113556.1.4.652attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 0296c11c-40da-11d1-a9c0-0000f80367c1systemOnly: FALSEsearchFlags: fCOPYattributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute attributeCertificateAttributeThis attribute specifies a digitally signed or certified identity and set of attributes. It is used to bind authorization information to an : attributeCertificateAttributeldapDisplayName: attributeCertificateAttributeattributeId: 2.5.4.58attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: fa4693bb-7bc2-4cb9-81a8-c99c43b7905esystemOnly: FALSEsearchFlags: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute attributeDisplayNamesThis attribute specifies the name to be displayed for this : Attribute-Display-NamesldapDisplayName: attributeDisplayNamesattributeId: 1.2.840.113556.1.4.748attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: cb843f80-48d9-11d1-a9c3-0000f80367c1systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute attributeIDThis attribute specifies the unique X.500 object identifier (OID) that identifies an attribute. For more information, see [X500].cn: Attribute-IDldapDisplayName: attributeIDattributeId: 1.2.840.113556.1.2.30attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: TRUEschemaIdGuid: bf967922-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute attributeSecurityGUIDThis attribute specifies the GUID to be used to apply security credentials to a set of : Attribute-Security-GUIDldapDisplayName: attributeSecurityGUIDattributeId: 1.2.840.113556.1.4.149attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: bf967924-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 16rangeUpper: 16systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute attributeSyntaxThis attribute specifies the OID for the syntax for this : Attribute-SyntaxldapDisplayName: attributeSyntaxattributeId: 1.2.840.113556.1.2.32attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: TRUEschemaIdGuid: bf967925-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute attributeTypesThis attribute specifies a multivalued property containing strings that represent each attribute in the : Attribute-TypesldapDisplayName: attributeTypesattributeId: 2.5.21.5attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 9a7ad944-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute audioThis attribute allows the storing of sounds in Active : audioldapDisplayName: audioattributeId: 0.9.2342.19200300.100.1.55attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: d0e1d224-e1a0-42ce-a2da-793ba5244f35systemOnly: FALSEsearchFlags: 0rangeUpper: 250000showInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute auxiliaryClassThis attribute specifies the list of auxiliary classes to be associated with this : Auxiliary-ClassldapDisplayName: auxiliaryClassattributeId: 1.2.840.113556.1.2.351attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: bf96792c-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute badPasswordTimeThis attribute specifies the last time and date that an attempt to log on to this account was made using an invalid password. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the last "bad password time" is : Bad-Password-TimeldapDisplayName: badPasswordTimeattributeId: 1.2.840.113556.1.4.49attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: bf96792d-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute badPwdCountThis attribute specifies the number of times the user tried to log on to the account by using an incorrect password. A value of 0 indicates that the value is : Bad-Pwd-CountldapDisplayName: badPwdCountattributeId: 1.2.840.113556.1.4.12attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: bf96792e-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cfsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute bridgeheadServerListBLThis attribute is the back link attribute of bridgeheadServerList and contains the list of servers that are bridgeheads for : Bridgehead-Server-List-BLldapDisplayName: bridgeheadServerListBLattributeId: 1.2.840.113556.1.4.820attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: d50c2cdb-8951-11d1-aebc-0000f80367c1systemOnly: TRUEsearchFlags: 0linkID: 99systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute bridgeheadTransportListThis attribute specifies transports for which this server is a : Bridgehead-Transport-ListldapDisplayName: bridgeheadTransportListattributeId: 1.2.840.113556.1.4.819attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: d50c2cda-8951-11d1-aebc-0000f80367c1systemOnly: FALSEsearchFlags: 0linkID: 98systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute businessCategoryThis attribute specifies descriptive text on an organizational : Business-CategoryldapDisplayName: businessCategoryattributeId: 2.5.4.15attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: bf967931-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 128systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute cThis attribute specifies the country/region in the address of the user. The country/region is represented as the two-character country code based on ISO-: Country-NameldapDisplayName: cattributeId: 2.5.4.6attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967945-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPYrangeLower: 1rangeUpper: 3attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute canonicalNameThis attribute specifies the name of the object in canonical format. "myserver2.users/jeffsmith" is an example of a DN in canonical format.This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...).cn: Canonical-NameldapDisplayName: canonicalNameattributeId: 1.2.840.113556.1.4.916attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 9a7ad945-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute carLicenseThis attribute specifies the vehicle license or registration : carLicenseldapDisplayName: carLicenseattributeId: 2.16.840.1.113730.3.1.1attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: d4159c92-957d-4a87-8a67-8d2934e01649systemOnly: FALSEsearchFlags: 0showInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute classDisplayNameThis attribute specifies the object name to be displayed on : Class-Display-NameldapDisplayName: classDisplayNameattributeId: 1.2.840.113556.1.4.610attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 548e1c22-dea6-11d0-b010-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute cnThis attribute specifies the name that represents an object. This attribute is used to perform : Common-NameldapDisplayName: cnattributeId: 2.5.4.3attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf96793f-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fATTINDEXrangeLower: 1rangeUpper: 64attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute coThis attribute specifies the country/region in which the user is : Text-CountryldapDisplayName: coattributeId: 1.2.840.113556.1.2.131attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: f0f8ffa7-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: fCOPYrangeLower: 1rangeUpper: 128attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute commentThis attribute specifies the user's : User-CommentldapDisplayName: commentattributeId: 1.2.840.113556.1.4.156attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967a6a-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cfVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute companyThis attribute specifies the user's company : CompanyldapDisplayName: companyattributeId: 1.2.840.113556.1.2.146attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: f0f8ff88-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: fCOPYrangeLower: 1rangeUpper: 64attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute configurationFilems-DS-Configuration-Filecn: ms-DS-Configuration-FileldapDisplayName: configurationFileattributeId: 1.2.840.113556.1.4.1889attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEsearchFlags: fATTINDEXVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute configurationFileGuidms-DS-Configuration-File-Guidcn: ms-DS-Configuration-File-GuidldapDisplayName: configurationFileGuidattributeId: 1.2.840.113556.1.4.1886attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEsearchFlags: fATTINDEXVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute contextMenuThis attribute specifies the order number and GUID of the context menu to be used for an : Context-MenuldapDisplayName: contextMenuattributeId: 1.2.840.113556.1.4.499attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 4d8601ee-ac85-11d0-afe3-00c04fd930c9systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute costThis attribute contains the relative cost for routing messages through a particular site : CostldapDisplayName: costattributeId: 1.2.840.113556.1.2.135attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: bf967944-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute countryCodeThis attribute specifies the country code for the user's language of : Country-CodeldapDisplayName: countryCodeattributeId: 1.2.840.113556.1.4.25attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 5fd42471-1262-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: fCOPYrangeLower: 0rangeUpper: 65535attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cfsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute createDialogThis attribute specifies the GUID of a dialog that is used for creating an associated : Create-DialogldapDisplayName: createDialogattributeId: 1.2.840.113556.1.4.810attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 2b09958a-8931-11d1-aebc-0000f80367c1systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute createTimeStampThis attribute specifies the date when this object was created. This value is : Create-Time-StampldapDisplayName: createTimeStampattributeId: 2.5.18.1attributeSyntax: 2.5.5.11omSyntax: 24isSingleValued: TRUEschemaIdGuid: 2df90d73-009f-11d2-aa4c-00c04fd7d83asystemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute createWizardExtThis attribute specifies the GUID of the wizard extensions for creating an associated : Create-Wizard-ExtldapDisplayName: createWizardExtattributeId: 1.2.840.113556.1.4.812attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 2b09958b-8931-11d1-aebc-0000f80367c1systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute creationWizardThis attribute specifies the wizard to activate when creating objects of this : Creation-WizardldapDisplayName: creationWizardattributeId: 1.2.840.113556.1.4.498attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 4d8601ed-ac85-11d0-afe3-00c04fd930c9systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute dcThis attribute specifies the naming attribute for domain and DNS objects. This attribute is usually displayed as dc=: Domain-ComponentldapDisplayName: dcattributeId: 0.9.2342.19200300.100.1.25attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 19195a55-6da0-11d0-afd3-00c04fd930c9systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 255isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute defaultClassStoreThis attribute specifies the default class store for a given : Default-Class-StoreldapDisplayName: defaultClassStoreattributeId: 1.2.840.113556.1.4.213attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: bf967948-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute defaultGroupThis attribute specifies the group to which this object is assigned when it is : Default-GroupldapDisplayName: defaultGroupattributeId: 1.2.840.113556.1.4.480attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 720bc4e2-a54a-11d0-afdf-00c04fd930c9systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute defaultHidingValueThis attribute specifies a Boolean value that specifies the default setting of the showInAdvancedViewOnly property of new instances of this : Default-Hiding-ValueldapDisplayName: defaultHidingValueattributeId: 1.2.840.113556.1.4.518attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: b7b13116-b82e-11d0-afee-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute defaultObjectCategoryThis attribute specifies the object category to use for an object if one is not : Default-Object-CategoryldapDisplayName: defaultObjectCategoryattributeId: 1.2.840.113556.1.4.783attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 26d97367-6070-11d1-a9c6-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute defaultSecurityDescriptorThis attribute specifies the security descriptor to be assigned to the object when it is first : Default-Security-DescriptorldapDisplayName: defaultSecurityDescriptorattributeId: 1.2.840.113556.1.4.224attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 807a6d30-1669-11d0-a064-00aa006c33edsystemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 32767systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute departmentThis attribute contains the name for the department in which the user : DepartmentldapDisplayName: departmentattributeId: 1.2.840.113556.1.2.141attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf96794f-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPYrangeLower: 1rangeUpper: 64attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute departmentNumberThis attribute identifies a department within an : departmentNumberldapDisplayName: departmentNumberattributeId: 2.16.840.1.113730.3.1.2attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: be9ef6ee-cbc7-4f22-b27b-96967e7ee585systemOnly: FALSEsearchFlags: 0showInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute descriptionThis attribute contains the description to display for an object. This value is treated as single-valued by the Active Directory : DescriptionldapDisplayName: descriptionattributeId: 2.5.4.13attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: bf967950-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 1024attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute desktopProfileThis attribute specifies the location of the desktop profile for a user or group of : Desktop-ProfileldapDisplayName: desktopProfileattributeId: 1.2.840.113556.1.4.346attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: eea65906-8ac6-11d0-afda-00c04fd930c9systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute destinationIndicatorThis attribute is part of the X.500 specification [X500].cn: Destination-IndicatorldapDisplayName: destinationIndicatorattributeId: 2.5.4.27attributeSyntax: 2.5.5.5omSyntax: 19isSingleValued: FALSEschemaIdGuid: bf967951-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 128systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute directReportsThis attribute contains the list of users that directly report to the user. The users that are listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the : ReportsldapDisplayName: directReportsattributeId: 1.2.840.113556.1.2.436attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: bf967a1c-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050linkID: 43systemFlags: FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute displayNameThis attribute specifies the display name for an object. This attribute is usually the combination of the user's first name, middle initial, and last : Display-NameldapDisplayName: displayNameattributeId: 1.2.840.113556.1.2.13attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967953-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fANR | fATTINDEXrangeLower: 0rangeUpper: 256attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cfisMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute displayNamePrintableThis attribute specifies the printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last : Display-Name-PrintableldapDisplayName: displayNamePrintableattributeId: 1.2.840.113556.1.2.353attributeSyntax: 2.5.5.5omSyntax: 19isSingleValued: TRUEschemaIdGuid: bf967954-0de6-11d0-a285-00aa003049e2systemOnly: FALSErangeLower: 1rangeUpper: 256attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute distinguishedNameThis attribute is the same as the DN for an : Obj-Dist-NameldapDisplayName: distinguishedNameattributeId: 2.5.4.49attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: bf9679e4-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETEattributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute dITContentRulesThis attribute specifies the permissible content of entries of a particular structural object class via the identification of an optional set of auxiliary object classes, mandatory, optional, and precluded attributes. Collective attributes are included in DIT-Content-Rules, as specified in [RFC2251] section 3.2.: DIT-Content-RulesldapDisplayName: dITContentRulesattributeId: 2.5.21.2attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 9a7ad946-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute divisionThis attribute specifies the user's : DivisionldapDisplayName: divisionattributeId: 1.2.840.113556.1.4.261attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: fe6136a0-2073-11d0-a9c2-00aa006c33edsystemOnly: FALSEsearchFlags: fCOPYrangeLower: 0rangeUpper: 256attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute dMDLocationThis attribute specifies the DN that identifies the schema : DMD-LocationldapDisplayName: dMDLocationattributeId: 1.2.840.113556.1.2.36attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: f0f8ff8b-1191-11d0-a060-00aa006c33edsystemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute dmdNameThis attribute specifies a name that is used to identify the schema : DMD-NameldapDisplayName: dmdNameattributeId: 1.2.840.113556.1.2.598attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 167757b9-47f3-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 1024systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute dNSHostNameThis attribute specifies the name of the computer as it is registered in : DNS-Host-NameldapDisplayName: dNSHostNameattributeId: 1.2.840.113556.1.4.619attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 72e39547-7b18-11d1-adef-00c04fd8d5cdsystemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 2048attributeSecurityGuid: 72e39547-7b18-11d1-adef-00c04fd8d5cdisMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute dnsRootThis attribute specifies the FQDN (1) ([MS-ADTS] section 1.1) that is associated with a naming context. This attribute is set on a crossRef object and is used for referral generation.When a search is made through an entire domain tree, the search has to be initiated at the Dns-Root object. This attribute can be multivalued, in which case multiple referrals are : Dns-RootldapDisplayName: dnsRootattributeId: 1.2.840.113556.1.4.28attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: bf967959-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fATTINDEXrangeLower: 1rangeUpper: 255systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute dSASignatureThis attribute specifies the DSA-Signature of an object, which is the Invocation-ID of the last directory to modify the : DSA-SignatureldapDisplayName: dSASignatureattributeId: 1.2.840.113556.1.2.74attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 167757bc-47f3-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute dSCorePropagationDataThis attribute is for internal use : DS-Core-Propagation-DataldapDisplayName: dSCorePropagationDataattributeId: 1.2.840.113556.1.4.1357attributeSyntax: 2.5.5.11omSyntax: 24isSingleValued: FALSEschemaIdGuid: d167aa4b-8b08-11d2-9939-0000f87a57d4systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute dSHeuristicsThis attribute contains global settings for the entire : DS-HeuristicsldapDisplayName: dSHeuristicsattributeId: 1.2.840.113556.1.2.212attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: f0f8ff86-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute dSUIAdminMaximumThis attribute specifies the default maximum number of objects that are shown in a container by the admin : DS-UI-Admin-MaximumldapDisplayName: dSUIAdminMaximumattributeId: 1.2.840.113556.1.4.1344attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: ee8d0ae0-6f91-11d2-9905-0000f87a57d4systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute dSUIAdminNotificationThis attribute specifies a list of the GUIDs of COM objects that support a callback interface that DSAdmin calls when an action has occurred on an object through the : DS-UI-Admin-NotificationldapDisplayName: dSUIAdminNotificationattributeId: 1.2.840.113556.1.4.1343attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: f6ea0a94-6f91-11d2-9905-0000f87a57d4systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute dSUIShellMaximumThis attribute specifies the default maximum number of objects that are shown in a container by the shell : DS-UI-Shell-MaximumldapDisplayName: dSUIShellMaximumattributeId: 1.2.840.113556.1.4.1345attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: fcca766a-6f91-11d2-9905-0000f87a57d4systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute dynamicLDAPServerThis attribute specifies the fully qualified domain name (FQDN) (1) ([MS-ADTS] section 1.1) of the server handling dynamic properties for this : Dynamic-LDAP-ServerldapDisplayName: dynamicLDAPServerattributeId: 1.2.840.113556.1.4.537attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 52458021-ca6a-11d0-afff-0000f80367c1systemOnly: FALSEsearchFlags: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute employeeIDThis attribute specifies the ID of an : Employee-IDldapDisplayName: employeeIDattributeId: 1.2.840.113556.1.4.35attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967962-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 16Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute employeeNumberThis attribute specifies the number assigned to an employee other than the employee : Employee-NumberldapDisplayName: employeeNumberattributeId: 1.2.840.113556.1.2.610attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: a8df73ef-c5ea-11d1-bbcb-0080c76670c0systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 512Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute employeeTypeThis attribute specifies the job category for an : Employee-TypeldapDisplayName: employeeTypeattributeId: 1.2.840.113556.1.2.613attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: a8df73f0-c5ea-11d1-bbcb-0080c76670c0systemOnly: FALSEsearchFlags: fCOPYrangeLower: 1rangeUpper: 256Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute EnabledThis attribute is used to signify whether or not a given crossRef is : EnabledldapDisplayName: EnabledattributeId: 1.2.840.113556.1.2.557attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: a8df73f2-c5ea-11d1-bbcb-0080c76670c0systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute enabledConnectionThis attribute indicates whether a connection is available for : Enabled-ConnectionldapDisplayName: enabledConnectionattributeId: 1.2.840.113556.1.4.36attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: bf967963-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute entryTTLThis operational attribute is maintained by the server and appears to be present in every dynamic entry. The attribute is not present when the entry does not contain the dynamicObject object class.The value of this attribute is the time, in seconds, that the entry continues to exist before disappearing from the directory. In the absence of intervening "refresh" operations, the values returned by reading the attribute in two successive searches are guaranteed to be nonincreasing. The smallest permissible value is 0, indicating that the entry can disappear without warning. The attribute is marked NO-USER-MODIFICATION because it can only be changed by using the refresh : Entry-TTLldapDisplayName: entryTTLattributeId: 1.3.6.1.4.1.1466.101.119.3attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: d213decc-d81a-4384-aac2-dcfcfd631cf8systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 31557600systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute extendedAttributeInfoThis attribute specifies a multivalued property containing strings that represent additional information for each : Extended-Attribute-InfoldapDisplayName: extendedAttributeInfoattributeId: 1.2.840.113556.1.4.909attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 9a7ad947-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute extendedCharsAllowedThis attribute indicates whether extended characters are allowed in the value of this attribute. Applies only to IA5, Numeric, Printable, and Teletex string : Extended-Chars-AllowedldapDisplayName: extendedCharsAllowedattributeId: 1.2.840.113556.1.2.380attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: bf967966-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute extendedClassInfoThis attribute specifies a multivalued property containing strings that represent additional information for each class. Each value contains the governsID, lDAPDisplayName, and schemaIDGUID of the : Extended-Class-InfoldapDisplayName: extendedClassInfoattributeId: 1.2.840.113556.1.4.908attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 9a7ad948-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute extensionNameThis attribute specifies the name of a property page that is used to extend the UI of a directory : Extension-NameldapDisplayName: extensionNameattributeId: 1.2.840.113556.1.2.227attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: bf967972-0de6-11d0-a285-00aa003049e2systemOnly: FALSErangeLower: 1rangeUpper: 255Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute extraColumnsThis is a multivalued attribute whose values consist of a 5 tuple: (attribute name), (column title), (default visibility (0,1)), (column width (-1 for auto width)), 0 (reserved for future use; has to be zero). This value is used by the Active Directory Users and Computers : Extra-ColumnsldapDisplayName: extraColumnsattributeId: 1.2.840.113556.1.4.1687attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: d24e2846-1dd9-4bcf-99d7-a6227cc86da7systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute facsimileTelephoneNumberThis attribute contains the telephone number of the user's business fax : Facsimile-Telephone-NumberldapDisplayName: facsimileTelephoneNumberattributeId: 2.5.4.23attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967974-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute fromEntryThis is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only; for example, a global catalog (GC) replica : From-EntryldapDisplayName: fromEntryattributeId: 1.2.840.113556.1.4.910attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: FALSEschemaIdGuid: 9a7ad949-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute fromServerThis attribute specifies the distinguished name of the replication source : From-ServerldapDisplayName: fromServerattributeId: 1.2.840.113556.1.4.40attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: bf967979-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute fSMORoleOwnerThe fSMORoleOwner attribute stores the distinguished name of a DSA object as described in [MS-ADTS] section 3.1.1.1.11 (FSMO Roles).cn: FSMO-Role-OwnerldapDisplayName: fSMORoleOwnerattributeId: 1.2.840.113556.1.4.369attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 66171887-8f3c-11d0-afda-00c04fd930c9systemOnly: FALSEsearchFlags: fATTINDEXsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute garbageCollPeriodThis attribute is located on the CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,... object. It represents the period of time, in hours, between directory service (DS) garbage collection : Garbage-Coll-PeriodldapDisplayName: garbageCollPeriodattributeId: 1.2.840.113556.1.2.301attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 5fd424a1-1262-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute generatedConnectionThis attribute is TRUE if this connection was created by auto-topology : Generated-ConnectionldapDisplayName: generatedConnectionattributeId: 1.2.840.113556.1.4.41attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: bf96797a-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute generationQualifierThis attribute indicates a person's generation; for example, "Jr." or "II".cn: Generation-QualifierldapDisplayName: generationQualifierattributeId: 2.5.4.44attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 16775804-47f3-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute givenNameThis attribute contains the given name (first name) of the : Given-NameldapDisplayName: givenNameattributeId: 2.5.4.42attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: f0f8ff8e-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: fANR | fATTINDEXrangeLower: 1rangeUpper: 64attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute governsIDThis attribute specifies the unique object ID of the class defined by this Class-Schema : Governs-IDldapDisplayName: governsIDattributeId: 1.2.840.113556.1.2.22attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: TRUEschemaIdGuid: bf96797d-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute groupTypeThis attribute contains a set of flags that define the type and scope of a group object. For more information about the possible values for this attribute, see the Remarks section of [MSDN-GroupType].cn: Group-TypeldapDisplayName: groupTypeattributeId: 1.2.840.113556.1.4.750attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 9a9a021e-4a5b-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: fPRESERVEONDELETE | fATTINDEXisMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute hasMasterNCsThis attribute specifies the DN for the naming contexts for the DC. It is a forward link for the Mastered-By attribute. This attribute is maintained for backward compatibility; msDS-hasMasterNCs is used : Has-Master-NCsldapDisplayName: hasMasterNCsattributeId: 1.2.840.113556.1.2.14attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: bf967982-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0linkID: 76systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute hasPartialReplicaNCsThis attribute specifies the sibling to Has-Master-NCs. Reflects the DN for all other-domain NCs that have been replicated into a global : Has-Partial-Replica-NCsldapDisplayName: hasPartialReplicaNCsattributeId: 1.2.840.113556.1.2.15attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: bf967981-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0linkID: 74systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute homePhoneThis attribute specifies the user's main home phone : Phone-Home-PrimaryldapDisplayName: homePhoneattributeId: 0.9.2342.19200300.100.1.20attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: f0f8ffa1-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1isMemberOfPartialAttributeSet: TRUEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute homePostalAddressThis attribute specifies the user's home : Address-HomeldapDisplayName: homePostalAddressattributeId: 1.2.840.113556.1.2.617attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 16775781-47f3-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 4096attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute houseIdentifierThis attribute specifies a linguistic construct used to identify a particular building; for example, a house number or house name relative to a street, avenue, town, or : houseIdentifierldapDisplayName: houseIdentifierattributeId: 2.5.4.51attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: a45398b7-c44a-4eb6-82d3-13c10946dbfesystemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 32768Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute iconPathThis attribute specifies the source for loading an : Icon-PathldapDisplayName: iconPathattributeId: 1.2.840.113556.1.4.219attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: f0f8ff83-1191-11d0-a060-00aa006c33edsystemOnly: FALSErangeLower: 0rangeUpper: 2048Version-Specific Behavior: First implemented on Windows Server 2008.Attribute initialsThis attribute contains the initials for parts of the user's full name. It can be used as the middle initial in the Windows Address : InitialsldapDisplayName: initialsattributeId: 2.5.4.43attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: f0f8ff90-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 6attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute instanceTypeThis attribute specifies a bit field that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas, even if the replicas are in : Instance-TypeldapDisplayName: instanceTypeattributeId: 1.2.840.113556.1.2.1attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: bf96798c-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETEisMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute internationalISDNNumberThis attribute specifies an international ISDN number associated with an : International-ISDN-NumberldapDisplayName: internationalISDNNumberattributeId: 2.5.4.25attributeSyntax: 2.5.5.6omSyntax: 18isSingleValued: FALSEschemaIdGuid: bf96798d-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 16attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute interSiteTopologyFailoverThis attribute indicates how much time has to transpire since the last keep-alive in order for the intersite topology generator to be considered : Inter-Site-Topology-FailoverldapDisplayName: interSiteTopologyFailoverattributeId: 1.2.840.113556.1.4.1248attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: b7c69e60-2cc7-11d2-854e-00a0c983f608systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute interSiteTopologyGeneratorThis attribute is used to support failover for the machine designated as the one that runs Knowledge Consistency Checker intersite topology generation in a given : Inter-Site-Topology-GeneratorldapDisplayName: interSiteTopologyGeneratorattributeId: 1.2.840.113556.1.4.1246attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: b7c69e5e-2cc7-11d2-854e-00a0c983f608systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute interSiteTopologyRenewThis attribute indicates how often the intersite topology generator updates the keep-alive message that is sent to DCs contained in the same : Inter-Site-Topology-RenewldapDisplayName: interSiteTopologyRenewattributeId: 1.2.840.113556.1.4.1247attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: b7c69e5f-2cc7-11d2-854e-00a0c983f608systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute invocationIdThis attribute is used to uniquely identify the specific version of the directory database associated with an AD-LDS : Invocation-IdldapDisplayName: invocationIdattributeId: 1.2.840.113556.1.2.115attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: bf96798e-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fATTINDEXsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute ipPhoneThis attribute specifies the TCP/IP address for the phone. Used by : Phone-Ip-PrimaryldapDisplayName: ipPhoneattributeId: 1.2.840.113556.1.4.721attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 4d146e4a-48d4-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1isMemberOfPartialAttributeSet: TRUEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute isCriticalSystemObjectIf TRUE, the object hosting this attribute has to be replicated during installation of a new : Is-Critical-System-ObjectldapDisplayName: isCriticalSystemObjectattributeId: 1.2.840.113556.1.4.868attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: 00fbf30d-91fe-11d1-aebc-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute isDefunctIf TRUE, the class or attribute is no longer usable. Old versions of this object can exist, but new ones cannot be : Is-DefunctldapDisplayName: isDefunctattributeId: 1.2.840.113556.1.4.661attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: 28630ebe-41d5-11d1-a9c1-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute isDeletedIf TRUE, this object has been marked for deletion and will be removed from the Active Directory : Is-DeletedldapDisplayName: isDeletedattributeId: 1.2.840.113556.1.2.48attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: bf96798f-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute isEphemeralcn: Is-EphemeralldapDisplayName: isEphemeralattributeId: 1.2.840.113556.1.4.1212attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: f4c453f0-c5f1-11d1-bbcb-0080c76670c0systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute isMemberOfPartialAttributeSetIf TRUE, this attribute is replicated to the global : Is-Member-Of-Partial-Attribute-SetldapDisplayName: isMemberOfPartialAttributeSetattributeId: 1.2.840.113556.1.4.639attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: 19405b9d-3cfa-11d1-a9c0-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute isRecycledIf TRUE, this object has been marked for permanent deletion. Additionally, if the Recycle Bin optional feature is enabled, the value TRUE marks an object that cannot be undeleted. It will be removed from the Active Directory : Is-RecycledldapDisplayName: isRecycledattributeId: 1.2.840.113556.1.4.2058attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: 8fb59256-55f1-444b-aacb-f5b482fe3459systemOnly: TRUEsearchFlags: fPRESERVEONDELETEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERisMemberOfPartialAttributeSet: TRUEVersion-Specific Behavior: First implemented on Windows Server 2008 R2 operating system.Attribute isSingleValuedIf TRUE, this attribute can only store one : Is-Single-ValuedldapDisplayName: isSingleValuedattributeId: 1.2.840.113556.1.2.33attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: bf967992-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute jpegPhotoThis attribute is used to store one or more images of a person using the JPEG File Interchange Format [JFIF].cn: jpegPhotoldapDisplayName: jpegPhotoattributeId: 0.9.2342.19200300.100.1.60attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: bac80572-09c4-4fa9-9ae6-7628d7adbe0esystemOnly: FALSEsearchFlags: 0showInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute keywordsThis attribute specifies a list of keywords that can be used to locate a given connection : KeywordsldapDisplayName: keywordsattributeId: 1.2.840.113556.1.4.48attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: bf967993-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fATTINDEXrangeLower: 1rangeUpper: 256isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute lThis attribute represents the name of a locality, such as a town or : Locality-NameldapDisplayName: lattributeId: 2.5.4.7attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf9679a2-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPY | fATTINDEXrangeLower: 1rangeUpper: 128attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute labeledURIThis attribute specifies a Uniform Resource Identifier (URI) followed by a label. The label is used to describe the resource to which the URI points and is intended as a friendly name fit for human : labeledURIldapDisplayName: labeledURIattributeId: 1.3.6.1.4.1.250.1.57attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: c569bb46-c680-44bc-a273-e6c227d71b45systemOnly: FALSEsearchFlags: 0showInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute lastAgedChangems-DS-Last-Aged-Changecn: ms-DS-Last-Aged-ChangeldapDisplayName: lastAgedChangeattributeId: 1.2.840.113556.1.4.1888attributeSyntax: 2.5.5.11omSyntax: 24isSingleValued: FALSEsearchFlags: fATTINDEXVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute lastBackupRestorationTimeThis attribute specifies the time when the last system restore operation : Last-Backup-Restoration-TimeldapDisplayName: lastBackupRestorationTimeattributeId: 1.2.840.113556.1.4.519attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: 1fbb0be8-ba63-11d0-afef-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute lastKnownParentThis attribute specifies the DN of the last known parent of an orphaned or deleted : Last-Known-ParentldapDisplayName: lastKnownParentattributeId: 1.2.840.113556.1.4.781attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 52ab8670-5709-11d1-a9c6-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute lastLogonTimestampThis attribute specifies the time at which the user last logged on to the domain. This value is only updated if the user logs on after a week has passed since the last update. This value is : Last-Logon-TimestampldapDisplayName: lastLogonTimestampattributeId: 1.2.840.113556.1.4.1696attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: c0e20a04-0e5a-4ff3-9482-5efeaecd7060systemOnly: TRUEsearchFlags: 0attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cfsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute lDAPAdminLimitsThis attribute contains a set of attribute/value pairs that define Lightweight Directory Access Protocol (LDAP) server administrative : LDAP-Admin-LimitsldapDisplayName: lDAPAdminLimitsattributeId: 1.2.840.113556.1.4.843attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 7359a352-90f7-11d1-aebc-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute lDAPDisplayNameThis attribute specifies the name used by LDAP clients, such as the ADSI LDAP provider, to read and write the attribute by using the LDAP : LDAP-Display-NameldapDisplayName: lDAPDisplayNameattributeId: 1.2.840.113556.1.2.460attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf96799a-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fPRESERVEONDELETE | fATTINDEXrangeLower: 1rangeUpper: 256isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute lDAPIPDenyListThis attribute holds a list of binary IP addresses that are denied access to an LDAP : LDAP-IPDeny-ListldapDisplayName: lDAPIPDenyListattributeId: 1.2.840.113556.1.4.844attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: 7359a353-90f7-11d1-aebc-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute linkIDThis attribute specifies an integer that indicates that the attribute is a linked attribute. An even integer is a forward link, and an odd integer is a back : Link-IDldapDisplayName: linkIDattributeId: 1.2.840.113556.1.2.50attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: bf96799b-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute localizationDisplayIdThis attribute is used to index into the Extrts.mc file to get the localized displayName of the objects for UI : Localization-Display-IdldapDisplayName: localizationDisplayIdattributeId: 1.2.840.113556.1.4.1353attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: a746f0d1-78d0-11d2-9916-0000f87a57d4systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute locationThis attribute specifies the user's location, such as an office : LocationldapDisplayName: locationattributeId: 1.2.840.113556.1.4.222attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 09dcb79f-165f-11d0-a064-00aa006c33edsystemOnly: FALSEsearchFlags: fATTINDEXrangeLower: 0rangeUpper: 1024isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute lockoutTimeThis attribute specifies the date and time (in UTC) that this account was locked out. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the account is not currently locked : Lockout-TimeldapDisplayName: lockoutTimeattributeId: 1.2.840.113556.1.4.662attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: 28630ebf-41d5-11d1-a9c1-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute mailThis attribute specifies the list of email addresses for a : E-mail-AddressesldapDisplayName: mailattributeId: 0.9.2342.19200300.100.1.3attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967961-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fATTINDEXrangeLower: 0rangeUpper: 256attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute mailAddressThis attribute specifies the generic mail address attribute. It is used "in the box" as an optional attribute of server objects, where it is consumed by mail-based DS replication (if the machines are so configured).cn: SMTP-Mail-AddressldapDisplayName: mailAddressattributeId: 1.2.840.113556.1.4.786attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 26d9736f-6070-11d1-a9c6-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute managedByThis attribute specifies the DN of the object that is assigned to manage this : Managed-ByldapDisplayName: managedByattributeId: 1.2.840.113556.1.4.653attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 0296c120-40da-11d1-a9c0-0000f80367c1systemOnly: FALSEsearchFlags: 0linkID: 72systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute managedObjectsThis attribute contains the list of objects that are managed by the user. The objects listed are those that have the managedBy property set to this user. Each item in the list is a linked reference to the managed : Managed-ObjectsldapDisplayName: managedObjectsattributeId: 1.2.840.113556.1.4.654attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 0296c124-40da-11d1-a9c0-0000f80367c1systemOnly: TRUEsearchFlags: 0linkID: 73systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute managerThis attribute contains the DN of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this : ManagerldapDisplayName: managerattributeId: 0.9.2342.19200300.100.1.10attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: bf9679b5-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPYattributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050linkID: 42isMemberOfPartialAttributeSet: TRUEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute masteredByThis attribute specifies the back link for the Has-Master-NCs attribute. The DN for its NTDS Settings : Mastered-ByldapDisplayName: masteredByattributeId: 1.2.840.113556.1.4.1409attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: e48e64e0-12c9-11d3-9102-00c04fd91ab1systemOnly: TRUEsearchFlags: 0linkID: 77systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute mayContainThis attribute specifies the list of optional attributes for a : May-ContainldapDisplayName: mayContainattributeId: 1.2.840.113556.1.2.25attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: bf9679bf-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute memberThis attribute specifies the list of users that belong to the : MemberldapDisplayName: memberattributeId: 2.5.4.31attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: bf9679c0-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0attributeSecurityGuid: bc0ac240-79a9-11d0-9020-00c04fc2d4cflinkID: 2isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute memberOfThis attribute specifies the DN of the groups to which this object : Is-Member-Of-DLldapDisplayName: memberOfattributeId: 1.2.840.113556.1.2.102attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: bf967991-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fCOPYattributeSecurityGuid: bc0ac240-79a9-11d0-9020-00c04fc2d4cflinkID: 3systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute middleNameThis attribute specifies additional names for a user; for example, middle name, patronymic, matronymic, or : Other-NameldapDisplayName: middleNameattributeId: 2.16.840.1.113730.3.1.34attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf9679f2-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 64Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute mobileThis attribute specifies the primary cellular phone number for a : Phone-Mobile-PrimaryldapDisplayName: mobileattributeId: 0.9.2342.19200300.100.1.41attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: f0f8ffa3-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute modifyTimeStampThis attribute specifies the date when this object was last changed. This value is : Modify-Time-StampldapDisplayName: modifyTimeStampattributeId: 2.5.18.2attributeSyntax: 2.5.5.11omSyntax: 24isSingleValued: TRUEschemaIdGuid: 9a7ad94a-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute moveTreeStateThis attribute is not necessary for Active Directory Lightweight Directory Services (AD LDS) to function. The protocol does not define a format beyond that required by the : Move-Tree-StateldapDisplayName: moveTreeStateattributeId: 1.2.840.113556.1.4.1305attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: 1f2ac2c8-3b71-11d2-90cc-00c04fd91ab1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute mS-DS-ConsistencyChildCountThis attribute is not necessary for Active Directory to function. The protocol does not define a format beyond that required by the : MS-DS-Consistency-Child-CountldapDisplayName: mS-DS-ConsistencyChildCountattributeId: 1.2.840.113556.1.4.1361attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 178b7bc2-b63a-11d2-90e1-00c04fd91ab1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute mS-DS-ConsistencyGuidThis attribute is not necessary for Active Directory to function. The protocol does not define a format beyond that required by the : MS-DS-Consistency-GuidldapDisplayName: mS-DS-ConsistencyGuidattributeId: 1.2.840.113556.1.4.1360attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 23773dc2-b63a-11d2-90e1-00c04fd91ab1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute mS-DS-ReplicatesNCReasonThis is an attribute of an nTDSConnection object that indicates why (or whether) the Knowledge Consistency Checker (KCC) concludes that the connection is useful in the replication topology. This attribute is multivalued and has DistName+Binary syntax, where the binary part is an int-size bit : MS-DS-Replicates-NC-ReasonldapDisplayName: mS-DS-ReplicatesNCReasonattributeId: 1.2.840.113556.1.4.1408attributeSyntax: 2.5.5.7omSyntax: 127omObjectClass: 1.2.840.113556.1.1.1.11isSingleValued: FALSEschemaIdGuid: 0ea12b84-08b3-11d3-91bc-0000f87a57d4systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute ms-DS-UserAccountAutoLockedThis attribute specifies a Boolean flag that indicates whether the account that this attribute references has been locked out. (TRUE means locked out.)cn: ms-DS-User-Account-Auto-LockedldapDisplayName: ms-DS-UserAccountAutoLockedattributeId: 1.2.840.113556.1.4.1857attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: f2dd7bab-1f3b-47cf-89fa-143b56ad0a3dsystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute ms-DS-UserEncryptedTextPasswordAllowedThis attribute specifies a Boolean flag that controls whether Active Directory stores the password in reversible encryption : ms-DS-User-Encrypted-Text-Password-AllowedldapDisplayName: ms-DS-UserEncryptedTextPasswordAllowedattributeId: 1.2.840.113556.1.4.1856attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: 5a87c7f2-93c5-454c-a8c5-8cb09613292esystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute ms-DS-UserPasswordNotRequiredThis attribute specifies a Boolean flag that controls whether a password is required for the account that this attribute : ms-DS-User-Password-Not-RequiredldapDisplayName: ms-DS-UserPasswordNotRequiredattributeId: 1.2.840.113556.1.4.1854attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: 8f066172-a25e-4f53-8dcd-0a67d5fb883dsystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AllowedDNSSuffixesThis attribute specifies the list of allowed suffixes for the dNSHostName attribute in computer : ms-DS-Allowed-DNS-SuffixesldapDisplayName: msDS-AllowedDNSSuffixesattributeId: 1.2.840.113556.1.4.1710attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 8469441b-9ac4-4e45-8205-bd219dbf672dsystemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 2048systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-Approx-Immed-SubordinatesThe value returned by this attribute is based on index sizes. This value can be off by +/-10 percent on large containers, and the error is theoretically unbounded, but the use of this attribute is to assist the UI with determining how to display the contents of a : ms-DS-Approx-Immed-SubordinatesldapDisplayName: msDS-Approx-Immed-SubordinatesattributeId: 1.2.840.113556.1.4.1669attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: e185d243-f6ce-4adb-b496-b0c005d7823csystemOnly: TRUEsearchFlags: 0attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-Auxiliary-ClassesThis attribute lists the auxiliary classes that have been dynamically attached to an object. This attribute is not associated with a class. It is automatically populated by the Active Directory : ms-DS-Auxiliary-ClassesldapDisplayName: msDS-Auxiliary-ClassesattributeId: 1.2.840.113556.1.4.1458attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: c4af1073-ee50-4be0-b8c0-89a41fe99abesystemOnly: TRUEsearchFlags: fPRESERVEONDELETEattributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzApplicationDataThis attribute specifies a string that is used by individual applications to store needed : ms-DS-Az-Application-DataldapDisplayName: msDS-AzApplicationDataattributeId: 1.2.840.113556.1.4.1819attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 503fc3e8-1cc6-461a-99a3-9eee04f402a7systemOnly: FALSEsearchFlags: 0rangeLower: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzApplicationNameThis attribute specifies a string that uniquely identifies an application : ms-DS-Az-Application-NameldapDisplayName: msDS-AzApplicationNameattributeId: 1.2.840.113556.1.4.1798attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: db5b0728-6208-4876-83b7-95d3e5695275systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 512Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzApplicationVersionThis attribute specifies a version number to indicate that the AzApplication is : ms-DS-Az-Application-VersionldapDisplayName: msDS-AzApplicationVersionattributeId: 1.2.840.113556.1.4.1817attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 7184a120-3ac4-47ae-848f-fe0ab20784d4systemOnly: FALSEsearchFlags: 0rangeLower: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzBizRuleThis attribute specifies the text of the script implementing the business : ms-DS-Az-Biz-RuleldapDisplayName: msDS-AzBizRuleattributeId: 1.2.840.113556.1.4.1801attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 33d41ea8-c0c9-4c92-9494-f104878413fdsystemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 65536Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzBizRuleLanguageThis attribute specifies the language that the business rule script is in (for example, JScript or Visual Basic Scripting Edition).cn: ms-DS-Az-Biz-Rule-LanguageldapDisplayName: msDS-AzBizRuleLanguageattributeId: 1.2.840.113556.1.4.1802attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 52994b56-0e6c-4e07-aa5c-ef9d7f5a0e25systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 64Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzClassIdThis attribute specifies a class ID that is required by the AzRoles UI on the AzApplication : ms-DS-Az-Class-IDldapDisplayName: msDS-AzClassIdattributeId: 1.2.840.113556.1.4.1816attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 013a7277-5c2d-49ef-a7de-b765b36a3f6fsystemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 40Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzDomainTimeoutThis attribute specifies the time (in milliseconds) after a domain is detected to be unreachable and before the DC is tried : ms-DS-Az-Domain-TimeoutldapDisplayName: msDS-AzDomainTimeoutattributeId: 1.2.840.113556.1.4.1795attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 6448f56a-ca70-4e2e-b0af-d20e4ce653d0systemOnly: FALSEsearchFlags: 0rangeLower: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzGenerateAuditsThis attribute specifies a Boolean field indicating whether runtime audits need to be turned on (for example, audits for access checks).cn: ms-DS-Az-Generate-AuditsldapDisplayName: msDS-AzGenerateAuditsattributeId: 1.2.840.113556.1.4.1805attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: f90abab0-186c-4418-bb85-88447c87222asystemOnly: FALSEsearchFlags: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzGenericDataThis attribute specifies AzMan-specific generic : ms-DS-Az-Generic-DataldapDisplayName: msDS-AzGenericDataattributeId: 1.2.840.113556.1.4.1950attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: a283ad81-eaac-448b-af22-6c7099a946e0systemOnly: FALSEsearchFlags: 0rangeUpper: 65536Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzLastImportedBizRulePathThis attribute specifies the last imported business rule : ms-DS-Az-Last-Imported-Biz-Rule-PathldapDisplayName: msDS-AzLastImportedBizRulePathattributeId: 1.2.840.113556.1.4.1803attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 665acb5c-bb92-4dbc-8c59-b3638eab09b3systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 65536Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzLDAPQueryThis attribute specifies a string that defines the LDAP query (max length 4096) that determines the membership of a user object to the group. cn: ms-DS-Az-LDAP-QueryldapDisplayName: msDS-AzLDAPQueryattributeId: 1.2.840.113556.1.4.1792attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 5e53368b-fc94-45c8-9d7d-daf31ee7112dsystemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 4096Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzMajorVersionThis attribute specifies the major version number for : ms-DS-Az-Major-VersionldapDisplayName: msDS-AzMajorVersionattributeId: 1.2.840.113556.1.4.1824attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: cfb9adb7-c4b7-4059-9568-1ed9db6b7248systemOnly: FALSEsearchFlags: 0rangeLower: 1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzMinorVersionThis attribute specifies the minor version number for : ms-DS-Az-Minor-VersionldapDisplayName: msDS-AzMinorVersionattributeId: 1.2.840.113556.1.4.1825attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: ee85ed93-b209-4788-8165-e702f51bfbf3systemOnly: FALSEsearchFlags: 0rangeLower: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzObjectGuidThis attribute specifies the unique and portable identifier of AzMan : ms-DS-Az-Object-GuidldapDisplayName: msDS-AzObjectGuidattributeId: 1.2.840.113556.1.4.1949attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 8867b29c-9ccf-4ce2-be30-b67c0d2432c6systemOnly: TRUEsearchFlags: fATTINDEXrangeLower: 16rangeUpper: 16Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzOperationIDThis attribute specifies the application-specific ID that makes the operation unique to the : ms-DS-Az-Operation-IDldapDisplayName: msDS-AzOperationIDattributeId: 1.2.840.113556.1.4.1800attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: a5f3b553-5d76-4cbe-ba3f-4312152cab18systemOnly: FALSEsearchFlags: 0rangeLower: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzScopeNameThis attribute specifies a string that uniquely identifies a scope : ms-DS-Az-Scope-NameldapDisplayName: msDS-AzScopeNameattributeId: 1.2.840.113556.1.4.1799attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 515a6b06-2617-4173-8099-d5605df043c6systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 65536Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzScriptEngineCacheMaxThis attribute specifies the maximum number of scripts that are cached by the : ms-DS-Az-Script-Engine-Cache-MaxldapDisplayName: msDS-AzScriptEngineCacheMaxattributeId: 1.2.840.113556.1.4.1796attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 2629f66a-1f95-4bf3-a296-8e9d7b9e30c8systemOnly: FALSEsearchFlags: 0rangeLower: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzScriptTimeoutThis attribute specifies the maximum time (in milliseconds) to wait for a script to finish auditing a specific : ms-DS-Az-Script-TimeoutldapDisplayName: msDS-AzScriptTimeoutattributeId: 1.2.840.113556.1.4.1797attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 87d0fb41-2c8b-41f6-b972-11fdfd50d6b0systemOnly: FALSEsearchFlags: 0rangeLower: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-AzTaskIsRoleDefinitionThis attribute specifies a Boolean field that indicates whether AzTask is a classic task or a role : ms-DS-Az-Task-Is-Role-DefinitionldapDisplayName: msDS-AzTaskIsRoleDefinitionattributeId: 1.2.840.113556.1.4.1818attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: 7b078544-6c82-4fe9-872f-ff48ad2b2e26systemOnly: FALSEsearchFlags: 0Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-Behavior-VersionThis attribute is used to track the domain or forest behavior version. It is a monotonically increasing number that is used to enable certain Active Directory : ms-DS-Behavior-VersionldapDisplayName: msDS-Behavior-VersionattributeId: 1.2.840.113556.1.4.1459attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: d31a8757-2447-4545-8081-3bb610cacbf2systemOnly: TRUEsearchFlags: 0rangeLower: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-BridgeHeadServersUsedThis attribute specifies a list of bridgehead servers used by the KCC in the previous : ms-DS-BridgeHead-Servers-UsedldapDisplayName: msDS-BridgeHeadServersUsedattributeId: 1.2.840.113556.1.4.2049attributeSyntax: 2.5.5.7omSyntax: 127omObjectClass: 1.2.840.113556.1.1.1.11linkID: 2160isSingleValued: FALSEshowInAdvancedViewOnly: TRUEschemaIdGuid: 3ced1465-7b71-2541-8780-1e1ea6243a82searchFlags: 0systemFlags: FLAG_ATTR_NOT_REPLICATED | FLAG_ATTR_IS_OPERATIONAL | FLAG_SCHEMA_BASE_OBJECTschemaFlagsEx: FLAG_ATTR_IS_CRITICALVersion-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute msDS-DefaultNamingContextThis attribute specifies the default naming context (partition) for this AD LDS : ms-DS-Default-Naming-ContextldapDisplayName: msDS-DefaultNamingContextattributeId: 1.2.840.113556.1.4.1873attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 09278375-bc53-e342-8a03-943043a1b573systemOnly: FALSEsearchFlags: 0linkID: 2044systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-DefaultNamingContextBLThis attribute specifies a backlink reference for the msDS-DefaultNamingContext : ms-DS-Default-Naming-Context-BLldapDisplayName: msDS-DefaultNamingContextBLattributeId: 1.2.840.113556.1.4.1874attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 2a4e57c2-60bc-5040-b463-51e1d82df9a5systemOnly: TRUEsearchFlags: 0linkID: 2045systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-DefaultQuotaThis attribute specifies the default quota that will apply to a security principal that creates an object in the NC if no quota specification exists that covers the security : ms-DS-Default-QuotaldapDisplayName: msDS-DefaultQuotaattributeId: 1.2.840.113556.1.4.1846attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 6818f726-674b-441b-8a3a-f40596374ceasystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-DeletedObjectLifetimeIf the Recycle Bin optional feature is enabled, this attribute specifies the number of days before a deleted object is converted to a recycled object. If the Recycle Bin optional feature is not enabled, values of this attribute have no meaning or : ms-DS-Deleted-Object-LifetimeldapDisplayName: msDS-DeletedObjectLifetimeattributeId: 1.2.840.113556.1.4.2068attributeSyntax: 2.5.5.9omSyntax: 10isSingleValued: TRUEschemaIdGuid: a9b38cb6-189a-4def-8a70-0fcfa158148esystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute msDS-DisableForInstancesThis attribute specifies the set of DSA objects, representing AD LDS instances, for which Service Connection Point publication is : ms-DS-Disable-For-InstancesldapDisplayName: msDS-DisableForInstancesattributeId: 1.2.840.113556.1.4.1870attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 5f8f45cb-0fb7-fc4f-b44f-66f781aa66ddsystemOnly: FALSEsearchFlags: 0linkID: 2042systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-DisableForInstancesBLThis attribute specifies the backlink reference to the ms-DS-Service-Connection-Point-Publication-Service : ms-DS-Disable-For-Instances-BLldapDisplayName: msDS-DisableForInstancesBLattributeId: 1.2.840.113556.1.4.1871attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 8f9d31dd-67ea-cd42-9b88-7cddb36c21f4systemOnly: TRUEsearchFlags: 0linkID: 2043systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-DnsRootAliasThis attribute is used to store the domain : ms-DS-DnsRootAliasldapDisplayName: msDS-DnsRootAliasattributeId: 1.2.840.113556.1.4.1719attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 2143acca-eead-4d29-b591-85fa49ce9173systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 255systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-EnabledFeatureThis attribute lists the enabled optional : ms-DS-Enabled-FeatureldapDisplayName: msDS-EnabledFeatureattributeId: 1.2.840.113556.1.4.2061attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714linkId: 2168isSingleValued: FALSEschemaIdGuid: 5706aeaf-b940-4fb2-bcfc-5268683ad9feisMemberOfPartialAttributeSet: TRUEsystemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute msDS-EnabledFeatureBLThis attribute is the backlink attribute of msDS-EnabledFeature, and it lists the scopes where an optional feature is : ms-DS-Enabled-Feature-BLldapDisplayName: msDS-EnabledFeatureBLattributeId: 1.2.840.113556.1.4.2069attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714linkId: 2169isSingleValued: FALSEschemaIdGuid: ce5b01bc-17c6-44b8-9dc1-a9668b00901bsystemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT|FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute msDS-Entry-Time-To-DieThis attribute holds the absolute expiration time of a dynamic object in the : ms-DS-Entry-Time-To-DieldapDisplayName: msDS-Entry-Time-To-DieattributeId: 1.2.840.113556.1.4.1622attributeSyntax: 2.5.5.11omSyntax: 24isSingleValued: TRUEschemaIdGuid: e1e9bad7-c6dd-4101-a843-794cec85b038systemOnly: TRUEsearchFlags: fPRESERVEONDELETE | fATTINDEXisMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_OPERATIONALVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-ExecuteScriptPasswordThis attribute is used during domain rename operation. This value cannot be written to or read from with : ms-DS-ExecuteScriptPasswordldapDisplayName: msDS-ExecuteScriptPasswordattributeId: 1.2.840.113556.1.4.1783attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 9d054a5a-d187-46c1-9d85-42dfc44a56ddsystemOnly: TRUEsearchFlags: 0rangeLower: 0rangeUpper: 64systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-FilterContainersA multivalued string attribute containing the names of classes that are used to determine which container types are shown by the Active Directory Users and Computers snap-in when : ms-DS-Filter-ContainersldapDisplayName: msDS-FilterContainersattributeId: 1.2.840.113556.1.4.1703attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: fb00dcdf-ac37-483a-9c12-ac53a6603033systemOnly: FALSErangeLower: 1rangeUpper: 64Version-Specific Behavior: First implemented on Windows Server 2008.Attribute msDS-HasDomainNCsThis attribute specifies DS replication information that details the domain NCs that are present on a particular : ms-DS-Has-Domain-NCsldapDisplayName: msDS-HasDomainNCsattributeId: 1.2.840.113556.1.4.1820attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 6f17e347-a842-4498-b8b3-15e007da4fedsystemOnly: TRUEsearchFlags: 0rangeLower: 4rangeUpper: 4linkID: 2026systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-HasInstantiatedNCsThis attribute specifies DS replication information that details the state of the NCs that are present on a particular : ms-DS-Has-Instantiated-NCsldapDisplayName: msDS-HasInstantiatedNCsattributeId: 1.2.840.113556.1.4.1709attributeSyntax: 2.5.5.7omSyntax: 127omObjectClass: 1.2.840.113556.1.1.1.11isSingleValued: FALSEschemaIdGuid: 11e9a5bc-4517-4049-af9c-51554fb0fc09systemOnly: TRUEsearchFlags: 0rangeLower: 4rangeUpper: 4linkID: 2002systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-hasMasterNCsThis attribute specifies a list of the naming contexts contained by a : ms-DS-Has-Master-NCsldapDisplayName: msDS-hasMasterNCsattributeId: 1.2.840.113556.1.4.1836attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: ae2de0e2-59d7-4d47-8d47-ed4dfe4357adsystemOnly: TRUEsearchFlags: 0linkID: 2036systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-IntIdThe ms-DS-IntId attribute is for internal use : ms-DS-IntIdldapDisplayName: msDS-IntIdattributeId: 1.2.840.113556.1.4.1716attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: bc60096a-1b47-4b30-8877-602c93f56532systemOnly: TRUEsearchFlags: fPRESERVEONDELETEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msds-memberOfTransitiveThis attribute specifies the set of distinguished names (DNs) in the memberOf attribute on the current object and the DNs from the memberOf attributes of each of the objects specified in the memberOf attribute on the current : ms-DS-Is-Member-Of-DL-TransitivelDAPDisplayName: msds-memberOfTransitiveattributeID: 1.2.840.113556.1.4.2236attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEsystemOnly: TRUEsearchFlags: fBASEONLYsystemFlags: FLAG_ATTR_NOT_REPLICATED | FLAG_ATTR_IS_CONSTRUCTED | FLAG_ATTR_IS_OPERATIONAL | FLAG_SCHEMA_BASE_OBJECTshowInAdvancedViewOnly: TRUEVersion-Specific Behavior: First implemented on Windows Server 2012 R2 operating system.Attribute msds-memberTransitiveThis attribute specifies the set of distinguished names (DNs) in the member attribute on the current object and the DNs from the member attribute of each of the objects specified in the member attribute on the current : ms-DS-Member-TransitivelDAPDisplayName: msds-memberTransitiveattributeID: 1.2.840.113556.1.4.2238attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEsystemOnly: TRUEsearchFlags: fBASEONLYsystemFlags: FLAG_ATTR_NOT_REPLICATED | FLAG_ATTR_IS_CONSTRUCTED | FLAG_ATTR_IS_OPERATIONAL | FLAG_SCHEMA_BASE_OBJECTshowInAdvancedViewOnly: TRUEVersion-Specific Behavior: First implemented on Windows Server 2012 R2.Attribute msDS-LastKnownRDNThis attribute holds the original RDN of a deleted : ms-DS-Last-Known-RDNldapDisplayName: msDS-LastKnownRDNattributeId: 1.2.840.113556.1.4.2067attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 8ab15858-683e-466d-877f-d640e1f9a611systemOnly: TRUEsearchFlags: 0rangeLower: 1rangeUpper: 255systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute msDS-LocalEffectiveDeletionTimeThis attribute stores the deletion time of the object in the local domain : ms-DS-Local-Effective-Deletion-TimeldapDisplayName: msDS-LocalEffectiveDeletionTimeattributeId: 1.2.840.113556.1.4.2059attributeSyntax: 2.5.5.11omSyntax: 24isSingleValued: TRUEschemaIdGuid: 94f2800c-531f-4aeb-975d-48ac39fd8ca4systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT|FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute msDS-LocalEffectiveRecycleTimeThis attribute stores the recycle time of the object in the local domain : ms-DS-Local-Effective-Recycle-TimeldapDisplayName: msDS-LocalEffectiveRecycleTimeattributeId: 1.2.840.113556.1.4.2060attributeSyntax: 2.5.5.11omSyntax: 24isSingleValued: TRUEschemaIdGuid: 4ad6016b-b0d2-4c9b-93b6-5964b17b968csystemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT|FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute msDs-masteredByThis attribute specifies the backlink for msDS-: ms-DS-Mastered-ByldapDisplayName: msDs-masteredByattributeId: 1.2.840.113556.1.4.1837attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 60234769-4819-4615-a1b2-49d2f119acb5systemOnly: TRUEsearchFlags: 0linkID: 2037systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-MembersForAzRoleThis attribute specifies the list of member application groups or users linked to Az-: ms-DS-Members-For-Az-RoleldapDisplayName: msDS-MembersForAzRoleattributeId: 1.2.840.113556.1.4.1806attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: cbf7e6cd-85a4-4314-8939-8bfe80597835systemOnly: FALSEsearchFlags: 0linkID: 2016systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-MembersForAzRoleBLThis attribute specifies the backlink from a member application group or user to the Az-Role objects that link to : ms-DS-Members-For-Az-Role-BLldapDisplayName: msDS-MembersForAzRoleBLattributeId: 1.2.840.113556.1.4.1807attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: ececcd20-a7e0-4688-9ccf-02ece5e287f5systemOnly: TRUEsearchFlags: 0linkID: 2017systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-NC-Replica-LocationsThis attribute specifies a list of servers that are the replica set for the corresponding non-domain naming : ms-DS-NC-Replica-LocationsldapDisplayName: msDS-NC-Replica-LocationsattributeId: 1.2.840.113556.1.4.1661attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 97de9615-b537-46bc-ac0f-10720f3909f3systemOnly: FALSEsearchFlags: 0linkID: 1044systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-NCReplCursorsThis attribute specifies a list of past and present replication partners for a particular machine, and how up-to-date that machine is with each of : ms-DS-NC-Repl-CursorsldapDisplayName: msDS-NCReplCursorsattributeId: 1.2.840.113556.1.4.1704attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 8a167ce4-f9e8-47eb-8d78-f7fe80abb2ccsystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-NCReplInboundNeighborsThis attribute specifies replication partners for this partition. This server obtains replication data from these other servers, which act as : ms-DS-NC-Repl-Inbound-NeighborsldapDisplayName: msDS-NCReplInboundNeighborsattributeId: 1.2.840.113556.1.4.1705attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 9edba85a-3e9e-431b-9b1a-a5b6e9eda796systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-NCReplOutboundNeighborsThis attribute specifies replication partners for this partition. This server sends replication data to these other servers, which act as destinations. This server will notify these other servers when new data is : ms-DS-NC-Repl-Outbound-NeighborsldapDisplayName: msDS-NCReplOutboundNeighborsattributeId: 1.2.840.113556.1.4.1706attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 855f2ef5-a1c5-4cc4-ba6d-32522848b61fsystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-Non-Security-Group-Extra-ClassesThis attribute specifies the common names of the nonstandard classes that can be added to a non-security group through the Active Directory Users and Computers snap-: ms-DS-Non-Security-Group-Extra-ClassesldapDisplayName: msDS-Non-Security-Group-Extra-ClassesattributeId: 1.2.840.113556.1.4.1689attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 2de144fc-1f52-486f-bdf4-16fcc3084e54systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute msDS-NonMembersThis attribute serves the same purpose as the Non-Security-Member attribute but with scoping rules : ms-DS-Non-MembersldapDisplayName: msDS-NonMembersattributeId: 1.2.840.113556.1.4.1793attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: cafcb1de-f23c-46b5-adf7-1e64957bd5dbsystemOnly: FALSEsearchFlags: 0linkID: 2014systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-NonMembersBLThis attribute specifies the backlink from a non-member group or user to the Az groups that link to it (has the same functionality as Non-Security-Member-BL).cn: ms-DS-Non-Members-BLldapDisplayName: msDS-NonMembersBLattributeId: 1.2.840.113556.1.4.1794attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 2a8c68fc-3a7a-4e87-8720-fe77c51cbe74systemOnly: TRUEsearchFlags: 0linkID: 2015systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-OperationsForAzRoleThis attribute specifies a list of operations linked to Az-: ms-DS-Operations-For-Az-RoleldapDisplayName: msDS-OperationsForAzRoleattributeId: 1.2.840.113556.1.4.1812attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 93f701be-fa4c-43b6-bc2f-4dbea718ffabsystemOnly: FALSEsearchFlags: 0linkID: 2022Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-OperationsForAzRoleBLThis attribute specifies the backlink from Az-Operation to the Az-Role objects that link to : ms-DS-Operations-For-Az-Role-BLldapDisplayName: msDS-OperationsForAzRoleBLattributeId: 1.2.840.113556.1.4.1813attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: f85b6228-3734-4525-b6b7-3f3bb220902csystemOnly: TRUEsearchFlags: 0linkID: 2023systemFlags: FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-OperationsForAzTaskThis attribute specifies a list of operations linked to Az-: ms-DS-Operations-For-Az-TaskldapDisplayName: msDS-OperationsForAzTaskattributeId: 1.2.840.113556.1.4.1808attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 1aacb436-2e9d-44a9-9298-ce4debeb6ebfsystemOnly: FALSEsearchFlags: 0linkID: 2018showInAdvancedViewOnly: TRUEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-OperationsForAzTaskBLThis attribute specifies the backlink from Az-Operation to the Az-Task objects that link to : ms-DS-Operations-For-Az-Task-BLldapDisplayName: msDS-OperationsForAzTaskBLattributeId: 1.2.840.113556.1.4.1809attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: a637d211-5739-4ed1-89b2-88974548bc59systemOnly: TRUEsearchFlags: 0linkID: 2019systemFlags: FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-OptionalFeatureFlagsThis attribute stores an integer value that contains flags that define behavior of an optional feature in Active : ms-DS-Optional-Feature-FlagsldapDisplayName: msDS-OptionalFeatureFlagsattributeId: 1.2.840.113556.1.4.2063attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 8a0560c1-97b9-4811-9db7-dc061598965bsystemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTschemaFlagsEx: FLAG_ATTR_IS_CRITICALVersion-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute msDS-OptionalFeatureGUIDThis attribute stores the GUID of an optional : ms-DS-Optional-Feature-GUIDldapDisplayName: msDS-OptionalFeatureGUIDattributeId: 1.2.840.113556.1.4.2062attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 9b88bda8-dd82-4998-a91d-5f2d2baf1927systemOnly: TRUEsearchFlags: 0rangeLower: 16rangeUpper: 16systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute msDS-Other-SettingsThis multivalued attribute is used to store any configurable setting for the DS stored in the NAME=VALUE : ms-DS-Other-SettingsldapDisplayName: msDS-Other-SettingsattributeId: 1.2.840.113556.1.4.1621attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 79d2f34c-9d7d-42bb-838f-866b3e4400e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-parentdistnameThis attribute specifies the distinguished name (DN) of the parent object of the current : ms-DS-Parent-Dist-NamelDAPDisplayName: msDS-parentdistnameattributeID: 1.2.840.113556.1.4.2203attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: b918fe7d-971a-f404-9e21-9261abec970bsystemOnly: TRUEsearchFlags: 0systemFlags: FLAG_ATTR_NOT_REPLICATED | FLAG_ATTR_IS_CONSTRUCTED | FLAG_ATTR_IS_OPERATIONAL | FLAG_SCHEMA_BASE_OBJECTshowInAdvancedViewOnly: TRUEVersion-Specific Behavior: First implemented on Windows Server 2012 R2.Attribute msDS-PortLDAPThis attribute is used to specify which port is used by the Directory Service to listen for LDAP requests. Currently, this attribute is only used for AD : ms-DS-Port-LDAPldapDisplayName: msDS-PortLDAPattributeId: 1.2.840.113556.1.4.1859attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 977225c1-5bdf-42b7-b6db-c3af077f558fsystemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 65535systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-PortSSLms-Ds-Port-SSL is used to specify which port is used by the Directory Service to listen for SSL-protected LDAP requests. Currently, this attribute is used only for AD : ms-DS-Port-SSLldapDisplayName: msDS-PortSSLattributeId: 1.2.840.113556.1.4.1860attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 2c85cfc2-2061-468c-a0ea-c8e0910f7374systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 65535systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-Preferred-GC-SiteThe ms-DS-Preferred-GC-Site attribute is used by the security accounts manager for group expansion during token : ms-DS-Preferred-GC-SiteldapDisplayName: msDS-Preferred-GC-SiteattributeId: 1.2.840.113556.1.4.1444attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: d921b50a-0ab2-42cd-87f6-09cf83a91854systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-PrincipalNameThis attribute specifies the account name for the security principal (constructed).cn: ms-DS-Principal-NameldapDisplayName: msDS-PrincipalNameattributeId: 1.2.840.113556.1.4.1865attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 564e9325-d057-c143-9e3b-4f9e5ef46f93systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-QuotaAmountThis attribute specifies the assigned quota in terms of number of objects owned in the : ms-DS-Quota-AmountldapDisplayName: msDS-QuotaAmountattributeId: 1.2.840.113556.1.4.1845attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: fbb9a00d-3a8c-4233-9cf9-7189264903a1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-QuotaEffectiveThis attribute specifies the effective quota for a security principal computed from the assigned quotas for a naming : ms-DS-Quota-EffectiveldapDisplayName: msDS-QuotaEffectiveattributeId: 1.2.840.113556.1.4.1848attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 6655b152-101c-48b4-b347-e1fcebc60157systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-QuotaTrusteeThis attribute specifies the SID, as defined in [MS-DTYP] section 2.4.2, of the security principal for which a quota is being : ms-DS-Quota-TrusteeldapDisplayName: msDS-QuotaTrusteeattributeId: 1.2.840.113556.1.4.1844attributeSyntax: 2.5.5.17omSyntax: 4isSingleValued: TRUEschemaIdGuid: 16378906-4ea5-49be-a8d1-bfd41dff4f65systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 28systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-QuotaUsedThis attribute specifies the current quota being consumed by a security principal in the directory : ms-DS-Quota-UsedldapDisplayName: msDS-QuotaUsedattributeId: 1.2.840.113556.1.4.1849attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: b5a84308-615d-4bb7-b05f-2f1746aa439fsystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-ReplAttributeMetaDataThis attribute specifies a list of metadata for each replicated attribute. The metadata indicates who changed the attribute : ms-DS-Repl-Attribute-Meta-DataldapDisplayName: msDS-ReplAttributeMetaDataattributeId: 1.2.840.113556.1.4.1707attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: d7c53242-724e-4c39-9d4c-2df8c9d66c7asystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-ReplAuthenticationModeThe ms-DS-Repl-Authentication-Mode attribute is used to specify which authentication method is used to authenticate replication partners. This attribute applies to the configuration partition of an AD LDS : ms-DS-Repl-Authentication-ModeldapDisplayName: msDS-ReplAuthenticationModeattributeId: 1.2.840.113556.1.4.1861attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 6e124d4f-1a3f-4cc6-8e09-4a54c81b1d50systemOnly: FALSEsearchFlags: 0rangeLower: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-Replication-Notify-First-DSA-DelayThis attribute controls the delay between changes to the DS and notification of the first replica partner for an : ms-DS-Replication-Notify-First-DSA-DelayldapDisplayName: msDS-Replication-Notify-First-DSA-DelayattributeId: 1.2.840.113556.1.4.1663attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 85abd4f4-0a89-4e49-bdec-6f35bb2562basystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-Replication-Notify-Subsequent-DSA-DelayThis attribute controls the delay between notification of each subsequent replica partner for an : ms-DS-Replication-Notify-Subsequent-DSA-DelayldapDisplayName: msDS-Replication-Notify-Subsequent-DSA-DelayattributeId: 1.2.840.113556.1.4.1664attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: d63db385-dd92-4b52-b1d8-0d3ecc0e86b6systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-ReplicationEpochThis attribute is used to hold the epoch under which all of the DCs are replicating. An epoch is the period in which a domain has a specific name. A new epoch starts when a domain name change : ms-DS-ReplicationEpochldapDisplayName: msDS-ReplicationEpochattributeId: 1.2.840.113556.1.4.1720attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 08e3aa79-eb1c-45b5-af7b-8f94246c8e41systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-ReplValueMetaDataThis attribute specifies a list of metadata for each value of an attribute. The metadata indicates who changed the value : ms-DS-Repl-Value-Meta-DataldapDisplayName: msDS-ReplValueMetaDataattributeId: 1.2.840.113556.1.4.1708attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 2f5c8145-e1bd-410b-8957-8bfa81d5acfdsystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-ReplValueMetaDataExtThis attribute contains no values on any : ms-DS-Repl-Value-Meta-Data-ExtldapDisplayName: msDS-ReplValueMetaDataExtattributeId: 1.2.840.113556.1.4.2235attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 1e02d2ef-44ad-46b2-a67d-9fd18d780bcasystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_ATTR_IS_CONSTRUCTED | FLAG_SCHEMA_BASE_OBJECTshowInAdvancedViewOnly: TRUEVersion-Specific Behavior: First implemented on Windows Server 2012 R2.Attribute msDS-RequiredDomainBehaviorVersionThis attribute specifies the required domain functional level for an optional feature enabled in a domain-wide : ms-DS-Required-Domain-Behavior-VersionldapDisplayName: msDS-RequiredDomainBehaviorVersionattributeId: 1.2.840.113556.1.4.2066attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: eadd3dfe-ae0e-4cc2-b9b9-5fe5b6ed2dd2systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT Version-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute msDS-RequiredForestBehaviorVersionThis attribute specifies the required forest functional level for an optional : ms-DS-Required-Forest-Behavior-VersionldapDisplayName: msDS-RequiredForestBehaviorVersionattributeId: 1.2.840.113556.1.4.2079attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 4beca2e8-a653-41b2-8fee-721575474becsystemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute msDS-RetiredReplNCSignaturesThis attribute specifies information about naming contexts that are no longer held on this : ms-DS-Retired-Repl-NC-SignaturesldapDisplayName: msDS-RetiredReplNCSignaturesattributeId: 1.2.840.113556.1.4.1826attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: d5b35506-19d6-4d26-9afb-11357ac99b5esystemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDs-Schema-ExtensionsThis attribute specifies a binary BLOB used to store information about extensions to schema : ms-ds-Schema-ExtensionsldapDisplayName: msDs-Schema-ExtensionsattributeId: 1.2.840.113556.1.4.1440attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: b39a61be-ed07-4cab-9a4a-4963ed0141e1systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-SCPContainerThis attribute specifies the custom location to place SCP objects. This attribute contains a DN value (either FQDN or GUID–based) for the container in Active : ms-DS-SCP-ContainerldapDisplayName: msDS-SCPContainerattributeId: 1.2.840.113556.1.4.1872attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 454588e6-0b4e-b642-a6b8-ec03f6e1d9c5systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 4096systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-SDReferenceDomainThis attribute specifies the domain to be used for default security descriptor translation for a non-domain naming : ms-DS-SD-Reference-DomainldapDisplayName: msDS-SDReferenceDomainattributeId: 1.2.840.113556.1.4.1711attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 4c51e316-f628-43a5-b06b-ffb695fcb4f3systemOnly: FALSEsearchFlags: 0linkID: 2000systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-Security-Group-Extra-ClassesThis attribute specifies the common names of the nonstandard classes that can be added to a security group through the Active Directory Users and Computers snap-: ms-DS-Security-Group-Extra-ClassesldapDisplayName: msDS-Security-Group-Extra-ClassesattributeId: 1.2.840.113556.1.4.1688attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 4f146ae8-a4fe-4801-a731-f51848a4f4e4systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute msDS-ServiceAccountThis attribute specifies the FPO representing the AD LDS service : ms-DS-Service-AccountldapDisplayName: msDS-ServiceAccountattributeId: 1.2.840.113556.1.4.1866attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: a7f73651-688b-401e-b0cf-9345857bab23systemOnly: TRUEsearchFlags: 0linkID: 2040systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-ServiceAccountBLThis attribute specifies a backlink reference to the AD LDS DSA object that uses this service : ms-DS-Service-Account-BLldapDisplayName: msDS-ServiceAccountBLattributeId: 1.2.840.113556.1.4.1867attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 1322c9ff-1334-3d4a-9396-4d9284d42636systemOnly: TRUEsearchFlags: 0linkID: 2041systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-ServiceAccountDNSDomainThis attribute specifies the domain of which the AD LDS service account is a : ms-DS-Service-Account-DNS-DomainldapDisplayName: msDS-ServiceAccountDNSDomainattributeId: 1.2.840.113556.1.4.1862attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: fba633d4-20d7-4773-8b2c-c7445f54360dsystemOnly: TRUEsearchFlags: 0rangeLower: 0rangeUpper: 2048systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-SettingsThis attribute is used to store settings for an object. Its use is solely determined by the object's owner. It is recommended to use it to store name/value pairs; for example, color=: ms-DS-SettingsldapDisplayName: msDS-SettingsattributeId: 1.2.840.113556.1.4.1697attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 0e1b47d7-40a3-4b48-8d1b-4cac0c1cdf21systemOnly: FALSEsearchFlags: 0rangeUpper: 1000000Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-TasksForAzRoleThis attribute specifies a list of tasks for Az-: ms-DS-Tasks-For-Az-RoleldapDisplayName: msDS-TasksForAzRoleattributeId: 1.2.840.113556.1.4.1814attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 35319082-8c4a-4646-9386-c2949d49894dsystemOnly: FALSEsearchFlags: 0linkID: 2024Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-TasksForAzRoleBLThis attribute specifies a backlink from Az-Task to the Az-Role objects that link to : ms-DS-Tasks-For-Az-Role-BLldapDisplayName: msDS-TasksForAzRoleBLattributeId: 1.2.840.113556.1.4.1815attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: a0dcd536-5158-42fe-8c40-c00a7ad37959systemOnly: TRUEsearchFlags: 0linkID: 2025showInAdvancedViewOnly: TRUEsystemFlags: FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-TasksForAzTaskThis attribute specifies a list of tasks linked to Az-: ms-DS-Tasks-For-Az-TaskldapDisplayName: msDS-TasksForAzTaskattributeId: 1.2.840.113556.1.4.1810attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: b11c8ee2-5fcd-46a7-95f0-f38333f096cfsystemOnly: FALSEsearchFlags: 0linkID: 2020Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-TasksForAzTaskBLThis attribute specifies a backlink from Az-Task to the Az-Task objects that link to : ms-DS-Tasks-For-Az-Task-BLldapDisplayName: msDS-TasksForAzTaskBLattributeId: 1.2.840.113556.1.4.1811attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: df446e52-b5fa-4ca2-a42f-13f98a526c8fsystemOnly: TRUEsearchFlags: 0linkID: 2021systemFlags: FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-TombstoneQuotaFactorThis attribute specifies the percentage factor by which the tombstone object count is reduced for the purpose of quota : ms-DS-Tombstone-Quota-FactorldapDisplayName: msDS-TombstoneQuotaFactorattributeId: 1.2.840.113556.1.4.1847attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 461744d7-f3b6-45ba-8753-fb9552a5df32systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 100systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-TopQuotaUsageThis attribute lists the top quota users, ordered by decreasing quota usage currently in the directory : ms-DS-Top-Quota-UsageldapDisplayName: msDS-TopQuotaUsageattributeId: 1.2.840.113556.1.4.1850attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 7b7cce4f-f1f5-4bb6-b7eb-23504af19e75systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-UpdateScriptThis attribute is used to hold the script with the domain restructure : ms-DS-UpdateScriptldapDisplayName: msDS-UpdateScriptattributeId: 1.2.840.113556.1.4.1721attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 146eb639-bb9f-4fc1-a825-e29e00c77920systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-User-Account-Control-ComputedThis attribute specifies flags that control behavior of the user account. For more information, see [MS-ADTS] section 3.1.1.4.5.: ms-DS-User-Account-Control-ComputedldapDisplayName: msDS-User-Account-Control-ComputedattributeId: 1.2.840.113556.1.4.1460attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 2cc4b836-b63f-4940-8d23-ea7acf06af56systemOnly: FALSEsearchFlags: 0attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-UserAccountDisabledThis attribute specifies a Boolean flag that controls whether an account is disabled or : ms-DS-User-Account-DisabledldapDisplayName: msDS-UserAccountDisabledattributeId: 1.2.840.113556.1.4.1853attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: 7c708658-7372-4211-b22b-13a45ffd1d61systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-UserDontExpirePasswordThis attribute specifies a Boolean flag that controls whether the password will expire for the account that this attribute : ms-DS-User-Dont-Expire-PasswordldapDisplayName: msDS-UserDontExpirePasswordattributeId: 1.2.840.113556.1.4.1855attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: 8788193a-2925-43d9-a221-bb7fff397675systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-UserPasswordExpiredThis attribute specifies a Boolean flag that indicates whether the password has expired for the account that this attribute references. TRUE means that the password has : ms-DS-User-Password-ExpiredldapDisplayName: msDS-UserPasswordExpiredattributeId: 1.2.840.113556.1.4.1858attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: 565c7ab5-e13e-47f6-abb5-de741806f125systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute msDS-USNLastSyncSuccessThis attribute specifies the USN at which the last successful replication synchronization : ms-DS-USN-Last-Sync-SuccessldapDisplayName: msDS-USNLastSyncSuccessattributeId: 1.2.840.113556.1.4.2055attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: 31f7b8b6-c9f8-4f2d-a37b-58a823030331systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED | FLAG_ATTR_IS_OPERATIONALschemaFlagsEx: FLAG_ATTR_IS_CRITICALVersion-Specific Behavior: First implemented on Windows Server 2008 R2.Attribute mustContainThis attribute specifies the list of mandatory attributes for a class. These attributes have to be specified when an instance of the class is : Must-ContainldapDisplayName: mustContainattributeId: 1.2.840.113556.1.2.24attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: bf9679d3-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute nameThis attribute specifies the relative distinguished name of an : RDNldapDisplayName: nameattributeId: 1.2.840.113556.1.4.1attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967a0e-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETE| fANR | fATTINDEXrangeLower: 1rangeUpper: 255attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute nCNameThis attribute specifies the distinguished name of the naming context for the : NC-NameldapDisplayName: nCNameattributeId: 1.2.840.113556.1.2.16attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: bf9679d6-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute nETBIOSNameThis attribute specifies the name of the object to be used over : NETBIOS-NameldapDisplayName: nETBIOSNameattributeId: 1.2.840.113556.1.4.87attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf9679d8-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fATTINDEXrangeLower: 1rangeUpper: 16systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute networkAddressThis attribute specifies the TCP/IP address for a network segment. Also called the subnet : Network-AddressldapDisplayName: networkAddressattributeId: 1.2.840.113556.1.2.459attributeSyntax: 2.5.5.4omSyntax: 20isSingleValued: FALSEschemaIdGuid: bf9679d9-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 256Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute nonIndexedMetadatams-DS-Non-Indexed-Metadatacn: ms-DS-Non-Indexed-MetadataldapDisplayName: nonIndexedMetadataattributeId: 1.2.840.113556.1.4.1887attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute notificationListThis attribute is not necessary for Active Directory to function. The protocol does not define a format beyond that required by the : Notification-ListldapDisplayName: notificationListattributeId: 1.2.840.113556.1.4.303attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 19195a56-6da0-11d0-afd3-00c04fd930c9systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute ntPwdHistoryThis attribute specifies the password history of the user in Windows NT operating system one-way format (OWF). Windows 2000 operating system uses the Windows NT : Nt-Pwd-HistoryldapDisplayName: ntPwdHistoryattributeId: 1.2.840.113556.1.4.94attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: bf9679e2-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute nTSecurityDescriptorThis attribute specifies the Windows NT security descriptor for an : NT-Security-DescriptorldapDisplayName: nTSecurityDescriptorattributeId: 1.2.840.113556.1.2.281attributeSyntax: 2.5.5.15omSyntax: 66isSingleValued: TRUEschemaIdGuid: bf9679e3-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fPRESERVEONDELETErangeLower: 0rangeUpper: 132096isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_OPERATIONAL | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute oThis attribute specifies the name of the company or : Organization-NameldapDisplayName: oattributeId: 2.5.4.10attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: bf9679ef-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute objectCategoryThis attribute specifies an object class name used to group objects of this or derived : Object-CategoryldapDisplayName: objectCategoryattributeId: 1.2.840.113556.1.4.782attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 26d97369-6070-11d1-a9c6-0000f80367c1systemOnly: FALSEsearchFlags: fATTINDEXattributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute objectClassThis attribute specifies the list of classes of which this object is an : Object-ClassldapDisplayName: objectClassattributeId: 2.5.4.0attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: bf9679e5-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETE | fATTINDEXattributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute objectClassCategoryThis attribute contains the class type, such as abstract, auxiliary, or : Object-Class-CategoryldapDisplayName: objectClassCategoryattributeId: 1.2.840.113556.1.2.370attributeSyntax: 2.5.5.9omSyntax: 10isSingleValued: TRUEschemaIdGuid: bf9679e6-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0rangeLower: 0rangeUpper: 3systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute objectClassesThis attribute is a multivalued property containing strings that represent each class in the schema. Each value contains the governsID, lDAPDisplayName, mustContain, mayContain, and so : Object-ClassesldapDisplayName: objectClassesattributeId: 2.5.21.6attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 9a7ad94b-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute objectGUIDThis attribute specifies the unique identifier for an : Object-GuidldapDisplayName: objectGUIDattributeId: 1.2.840.113556.1.4.2attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: bf9679e7-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETE | fATTINDEXrangeLower: 16rangeUpper: 16attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute objectSidThis attribute contains a binary value that specifies the security identifier (SID) of a security principal object. The SID is a unique value used to identify security principal : Object-SidldapDisplayName: objectSidattributeId: 1.2.840.113556.1.4.146attributeSyntax: 2.5.5.17omSyntax: 4isSingleValued: TRUEschemaIdGuid: bf9679e8-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETE | fATTINDEXrangeLower: 0rangeUpper: 28attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cfisMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute objectVersionThis attribute can be used to store a version number for the : Object-VersionldapDisplayName: objectVersionattributeId: 1.2.840.113556.1.2.76attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 16775848-47f3-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute oMObjectClassThis attribute specifies the unique OID for the attribute or : OM-Object-ClassldapDisplayName: oMObjectClassattributeId: 1.2.840.113556.1.2.218attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: bf9679ec-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute oMSyntaxUsed as part of specifying the syntax of an attribute. See [MS-ADTS] section 3.1.1.2.2.2, LDAP Representation, for information on how this object is used by the Active Directory : OM-SyntaxldapDisplayName: oMSyntaxattributeId: 1.2.840.113556.1.2.231attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: bf9679ed-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute optionsThis attribute is a bit field, where the meaning of the bits varies from objectClass to objectClass. Can occur on Inter-Site-Transport, NTDS-Connection, NTDS-DSA, NTDS-Site-Settings, and Site-Link : OptionsldapDisplayName: optionsattributeId: 1.2.840.113556.1.4.307attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 19195a53-6da0-11d0-afd3-00c04fd930c9systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute otherFacsimileTelephoneNumberThis attribute specifies a list of alternate facsimile : Phone-Fax-OtherldapDisplayName: otherFacsimileTelephoneNumberattributeId: 1.2.840.113556.1.4.646attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 0296c11d-40da-11d1-a9c0-0000f80367c1systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute otherHomePhoneThis attribute specifies a list of alternate home phone : Phone-Home-OtherldapDisplayName: otherHomePhoneattributeId: 1.2.840.113556.1.2.277attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: f0f8ffa2-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute otherIpPhoneThis attribute specifies the list of alternate TCP/IP addresses for the phone. Used by : Phone-Ip-OtherldapDisplayName: otherIpPhoneattributeId: 1.2.840.113556.1.4.722attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 4d146e4b-48d4-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1isMemberOfPartialAttributeSet: TRUEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute otherMobileThis attribute specifies a list of alternate cell phone : Phone-Mobile-OtherldapDisplayName: otherMobileattributeId: 1.2.840.113556.1.4.647attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 0296c11e-40da-11d1-a9c0-0000f80367c1systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute otherPagerThis attribute specifies a list of alternate pager : Phone-Pager-OtherldapDisplayName: otherPagerattributeId: 1.2.840.113556.1.2.118attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: f0f8ffa4-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute otherTelephoneThis attribute specifies a list of alternate office phone : Phone-Office-OtherldapDisplayName: otherTelephoneattributeId: 1.2.840.113556.1.2.18attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: f0f8ffa5-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute otherWellKnownObjectsThis attribute contains a list of containers by GUID and distinguished name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the Active Directory system will automatically update the distinguished : Other-Well-Known-ObjectsldapDisplayName: otherWellKnownObjectsattributeId: 1.2.840.113556.1.4.1359attributeSyntax: 2.5.5.7omSyntax: 127omObjectClass: 1.2.840.113556.1.1.1.11isSingleValued: FALSEschemaIdGuid: 1ea64e5d-ac0f-11d2-90df-00c04fd91ab1systemOnly: FALSEsearchFlags: 0rangeLower: 16rangeUpper: 16systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute ouThis attribute specifies the name of the organizational : Organizational-Unit-NameldapDisplayName: ouattributeId: 2.5.4.11attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: bf9679f0-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fATTINDEXrangeLower: 1rangeUpper: 64attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute ownerThis attribute specifies the distinguished name of an object that has ownership of an : OwnerldapDisplayName: ownerattributeId: 2.5.4.32attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: bf9679f3-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0linkID: 44Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute ownerBLThis attribute specifies the backlink to the owner attribute. It contains a list of owners for an : ms-Exch-Owner-BLldapDisplayName: ownerBLattributeId: 1.2.840.113556.1.2.104attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: bf9679f4-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0linkID: 45systemFlags: FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute pagerThis attribute specifies the primary pager : Phone-Pager-PrimaryldapDisplayName: pagerattributeId: 0.9.2342.19200300.100.1.42attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: f0f8ffa6-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute parentGUIDThis is a constructed attribute, invented to support the DirSync control. Holds the objectGuid of an object's parent when replicating an object's creation, rename, or : Parent-GUIDldapDisplayName: parentGUIDattributeId: 1.2.840.113556.1.4.1224attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 2df90d74-009f-11d2-aa4c-00c04fd7d83asystemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute partialAttributeDeletionListThis attribute tacks the internal replication state of partial replicas (that is, on GCs). It is an attribute of the partial replica NC object, and is used when the GC is in the process of removing attributes from the objects in its partial replica : Partial-Attribute-Deletion-ListldapDisplayName: partialAttributeDeletionListattributeId: 1.2.840.113556.1.4.663attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 28630ec0-41d5-11d1-a9c1-0000f80367c1systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute partialAttributeSetThis attribute tracks the internal replication state of partial replicas (that is, on GCs). It is an attribute of the partial replica NC object, and defines the set of attributes present on a particular partial replica : Partial-Attribute-SetldapDisplayName: partialAttributeSetattributeId: 1.2.840.113556.1.4.640attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 19405b9e-3cfa-11d1-a9c0-0000f80367c1systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute pekListThis attribute specifies a list of password encryption keys. The attribute is used internally. It is not replicated and its content is not accessible through any protocol. For more information see [MS-ADTS] section 3.1.1.4.4 (Extended Access Checks).cn: Pek-ListldapDisplayName: pekListattributeId: 1.2.840.113556.1.4.865attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 07383083-91df-11d1-aebc-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute personalTitleThis attribute specifies the user's : Personal-TitleldapDisplayName: personalTitleattributeId: 1.2.840.113556.1.2.615attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 16775858-47f3-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute photoThis attribute specifies an object encoded in G3 fax as explained in recommendation T.4, with an ASN.1 wrapper to make it compatible with an X.400 BodyPart as defined in X.: photoldapDisplayName: photoattributeId: 0.9.2342.19200300.100.1.7attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: 9c979768-ba1a-4c08-9632-c6a5c1ed649asystemOnly: FALSEsearchFlags: 0showInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute physicalDeliveryOfficeNameThis attribute contains the office location in the user's place of : Physical-Delivery-Office-NameldapDisplayName: physicalDeliveryOfficeNameattributeId: 2.5.4.19attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf9679f7-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fANR | fATTINDEXrangeLower: 1rangeUpper: 128attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute possibleInferiorsThis attribute specifies the list of objects that this object can : Possible-InferiorsldapDisplayName: possibleInferiorsattributeId: 1.2.840.113556.1.4.915attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: 9a7ad94c-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute possSuperiorsThis attribute specifies the list of objects that can contain this : Poss-SuperiorsldapDisplayName: possSuperiorsattributeId: 1.2.840.113556.1.2.8attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: bf9679fa-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute postalAddressThis attribute specifies the mailing address for the : Postal-AddressldapDisplayName: postalAddressattributeId: 2.5.4.16attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: bf9679fc-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPYrangeLower: 1rangeUpper: 4096attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute postalCodeThis attribute specifies the postal or ZIP code for mail : Postal-CodeldapDisplayName: postalCodeattributeId: 2.5.4.17attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf9679fd-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPYrangeLower: 1rangeUpper: 40attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute postOfficeBoxThis attribute specifies the P.O. box number for this : Post-Office-BoxldapDisplayName: postOfficeBoxattributeId: 2.5.4.18attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: bf9679fb-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPYrangeLower: 1rangeUpper: 40attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute preferredDeliveryMethodThis attribute specifies the X.500–preferred way [X500] to deliver to the : Preferred-Delivery-MethodldapDisplayName: preferredDeliveryMethodattributeId: 2.5.4.28attributeSyntax: 2.5.5.9omSyntax: 10isSingleValued: FALSEschemaIdGuid: bf9679fe-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute preferredLanguageThis attribute specifies the preferred written or spoken language for a : preferredLanguageldapDisplayName: preferredLanguageattributeId: 2.16.840.1.113730.3.1.39attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 856be0d0-18e7-46e1-8f5f-7ee4d9020e0dsystemOnly: FALSEsearchFlags: 0showInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute preferredOUThis attribute specifies the organizational unit to show by default on the user's : Preferred-OUldapDisplayName: preferredOUattributeId: 1.2.840.113556.1.4.97attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: bf9679ff-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPYVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute prefixMapThe Prefix-Map attribute is for internal use : Prefix-MapldapDisplayName: prefixMapattributeId: 1.2.840.113556.1.4.538attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 52458022-ca6a-11d0-afff-0000f80367c1systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute primaryGroupTokenA computed attribute that is used in retrieving the membership list of a group such as Domain Users. The complete membership of such groups is not stored explicitly for scaling : Primary-Group-TokenldapDisplayName: primaryGroupTokenattributeId: 1.2.840.113556.1.4.1412attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: c0ed8738-7efd-4481-84d9-66d2db8be369systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute primaryInternationalISDNNumberThis attribute specifies the primary ISDN : Phone-ISDN-PrimaryldapDisplayName: primaryInternationalISDNNumberattributeId: 1.2.840.113556.1.4.649attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 0296c11f-40da-11d1-a9c0-0000f80367c1systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute primaryTelexNumberThis attribute specifies the primary telex : Telex-PrimaryldapDisplayName: primaryTelexNumberattributeId: 1.2.840.113556.1.4.648attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 0296c121-40da-11d1-a9c0-0000f80367c1systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute proxiedObjectNameThis attribute is used internally by Active Directory to help track interdomain : Proxied-Object-NameldapDisplayName: proxiedObjectNameattributeId: 1.2.840.113556.1.4.1249attributeSyntax: 2.5.5.7omSyntax: 127omObjectClass: 1.2.840.113556.1.1.1.11isSingleValued: TRUEschemaIdGuid: e1aea402-cd5b-11d0-afff-0000f80367c1systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute proxyAddressesThis attribute specifies proxy addresses. A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution : Proxy-AddressesldapDisplayName: proxyAddressesattributeId: 1.2.840.113556.1.2.210attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: bf967a06-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fANR | fATTINDEXrangeLower: 1rangeUpper: 1123attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute pwdLastSetThis attribute specifies the date and time that the password for this account was last changed. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC).cn: Pwd-Last-SetldapDisplayName: pwdLastSetattributeId: 1.2.840.113556.1.4.96attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: bf967a0a-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute queryFilterQuery-Filter : Query-FilterldapDisplayName: queryFilterattributeId: 1.2.840.113556.1.4.1355attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: cbf70a26-7e78-11d2-9921-0000f87a57d4systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute queryPolicyBLThis attribute is the back link attribute of queryPolicy and lists all objects holding references to a given Query-: Query-Policy-BLldapDisplayName: queryPolicyBLattributeId: 1.2.840.113556.1.4.608attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: e1aea404-cd5b-11d0-afff-0000f80367c1systemOnly: TRUEsearchFlags: 0linkID: 69systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute queryPolicyObjectThis attribute contains a reference to the default Query-Policy in force for this : Query-Policy-ObjectldapDisplayName: queryPolicyObjectattributeId: 1.2.840.113556.1.4.607attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: e1aea403-cd5b-11d0-afff-0000f80367c1systemOnly: FALSEsearchFlags: 0linkID: 68systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute rangeLowerThis attribute specifies the minimum value or length of an : Range-LowerldapDisplayName: rangeLowerattributeId: 1.2.840.113556.1.2.34attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: bf967a0c-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute rangeUpperThis attribute specifies the maximum value or length of an : Range-UpperldapDisplayName: rangeUpperattributeId: 1.2.840.113556.1.2.35attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: bf967a0d-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute rDNAttIDThis attribute specifies the RDN for the attribute that is used to name a : RDN-Att-IDldapDisplayName: rDNAttIDattributeId: 1.2.840.113556.1.2.26attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: TRUEschemaIdGuid: bf967a0f-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute registeredAddressThis attribute specifies a mnemonic for an address associated with an object at a particular city location. The mnemonic is registered in the country/region in which the city is located and is used in the provision of the Public Telegram : Registered-AddressldapDisplayName: registeredAddressattributeId: 2.5.4.26attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: bf967a10-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 4096attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute replIntervalThe attribute of Site-Link objects that defines the interval in minutes between replication cycles between the sites in the Site-List. It has to be a multiple of 15 minutes (the granularity of cross-site DS replication), a minimum of 15 minutes, and a maximum of 10,080 minutes (one week).cn: Repl-IntervalldapDisplayName: replIntervalattributeId: 1.2.840.113556.1.4.1336attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 45ba9d1a-56fa-11d2-90d0-00c04fd91ab1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute replPropertyMetaDataThis attribute tracks internal replication state information for DS objects. Information here can be extracted in public form through the public DsReplicaGetInfo() API. This attribute is present on all DS : Repl-Property-Meta-DataldapDisplayName: replPropertyMetaDataattributeId: 1.2.840.113556.1.4.3attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 281416c0-1968-11d0-a28f-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETEisMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_OPERATIONAL | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute replTopologyStayOfExecutionThis attribute specifies the delay between deleting a server object and permanently removing it from the replication : Repl-Topology-Stay-Of-ExecutionldapDisplayName: replTopologyStayOfExecutionattributeId: 1.2.840.113556.1.4.677attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 7bfdcb83-4807-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute replUpToDateVectorThis attribute tracks internal replication state information for an entire NC. Information here can be extracted in public form through the DsReplicaGetInfo() API. Present on all NC root : Repl-UpToDate-VectorldapDisplayName: replUpToDateVectorattributeId: 1.2.840.113556.1.4.4attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: bf967a16-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute repsFromThis attribute lists the servers from which the directory will accept changes for the defined naming context (NC).cn: Reps-FromldapDisplayName: repsFromattributeId: 1.2.840.113556.1.2.91attributeSyntax: 2.5.5.10omSyntax: 127omObjectClass: 1.2.840.113556.1.1.1.6isSingleValued: FALSEschemaIdGuid: bf967a1d-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute repsToThis attribute lists the servers that the directory will notify of changes and the servers that the directory will send changes to, upon request for the defined : Reps-ToldapDisplayName: repsToattributeId: 1.2.840.113556.1.2.83attributeSyntax: 2.5.5.10omSyntax: 127omObjectClass: 1.2.840.113556.1.1.1.6isSingleValued: FALSEschemaIdGuid: bf967a1e-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute retiredReplDSASignaturesThis attribute tracks the past DS replication identities of a given : Retired-Repl-DSA-SignaturesldapDisplayName: retiredReplDSASignaturesattributeId: 1.2.840.113556.1.4.673attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 7bfdcb7f-4807-11d1-a9c3-0000f80367c1systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute revisionThis attribute specifies the revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings : RevisionldapDisplayName: revisionattributeId: 1.2.840.113556.1.4.145attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: bf967a21-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute rightsGuidThis attribute specifies the GUID that is used to represent an extended right within an access control : Rights-GuidldapDisplayName: rightsGuidattributeId: 1.2.840.113556.1.4.340attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 8297931c-86d3-11d0-afda-00c04fd930c9systemOnly: FALSEsearchFlags: 0rangeLower: 36rangeUpper: 36systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute roomNumberThis attribute specifies the room number of an : roomNumberldapDisplayName: roomNumberattributeId: 0.9.2342.19200300.100.1.6attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 81d7f8c2-e327-4a0d-91c6-b42d4009115fsystemOnly: FALSEsearchFlags: 0showInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute rootTrustThis attribute specifies the distinguished name of another Cross-: Root-TrustldapDisplayName: rootTrustattributeId: 1.2.840.113556.1.4.674attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 7bfdcb80-4807-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute scheduleThis attribute specifies a schedule BLOB as defined by the NT Job Service. Used by : ScheduleldapDisplayName: scheduleattributeId: 1.2.840.113556.1.4.211attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: dd712224-10e4-11d0-a05f-00aa006c33edsystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute schemaFlagsExThis attribute specifies an integer value that contains flags that define additional properties of the attribute, as shown below. See [MS-ADTS] for more information. This is an optional attribute.The schemaFlagsEx attribute contains bitwise flags. The following value is relevant to schema objects:FLAG_ATTR_IS_CRITICAL: Specifies that the attribute is not a member of the filtered attribute set even if the fRODCFilteredAttribute ([MS-ADTS] section 3.1.1.2.3.5) is set.This attribute is defined as follows:cn: Schema-Flags-ExldapDisplayName: schemaFlagsExattributeId: 1.2.840.113556.1.4.120attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: bf967a2b-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.The schemaFlagsEx attribute was added to this attribute definition in Windows Server 2008.The FLAG_ATTR_IS_CRITICAL value was implemented in Windows Server 2008.Attribute schemaIDGUIDThis attribute specifies the unique identifier for a schema : Schema-ID-GUIDldapDisplayName: schemaIDGUIDattributeId: 1.2.840.113556.1.4.148attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: bf967923-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0rangeLower: 16rangeUpper: 16systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute schemaInfoThis attribute specifies an internal binary value used to detect schema changes between DCs and force a schema NC replication cycle before replicating any other NC. Used to resolve ties when the schema FSMO is seized and a change is made on more than one : Schema-InfoldapDisplayName: schemaInfoattributeId: 1.2.840.113556.1.4.1358attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: f9fb64ae-93b4-11d2-9945-0000f87a57d4systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute schemaUpdatecn: Schema-UpdateldapDisplayName: schemaUpdateattributeId: 1.2.840.113556.1.4.481attributeSyntax: 2.5.5.11omSyntax: 24isSingleValued: TRUEschemaIdGuid: 1e2d06b4-ac8f-11d0-afe3-00c04fd930c9systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute schemaVersionThis attribute specifies the version number for the : Schema-VersionldapDisplayName: schemaVersionattributeId: 1.2.840.113556.1.2.471attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: FALSEschemaIdGuid: bf967a2c-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute scopeFlagscn: Scope-FlagsldapDisplayName: scopeFlagsattributeId: 1.2.840.113556.1.4.1354attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 16f3a4c2-7e79-11d2-9921-0000f87a57d4systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute sDRightsEffectiveThis constructed attribute returns a single DWORD value that can have up to three bits set: OWNER_SECURITY_INFORMATION, DACL_SECURITY_INFORMATION, and SACL_SECURITY_INFORMATION. If a bit is set, then the user has write access to the corresponding part of the security descriptor. Note:?"Owner" means both owner and : SD-Rights-EffectiveldapDisplayName: sDRightsEffectiveattributeId: 1.2.840.113556.1.4.1304attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: c3dbafa6-33df-11d2-98b2-0000f87a57d4systemOnly: FALSEsearchFlags: 0attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cfsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute searchFlagsThis attribute contains a set of flags that specify search and indexing information for an : Search-FlagsldapDisplayName: searchFlagsattributeId: 1.2.840.113556.1.2.334attributeSyntax: 2.5.5.9omSyntax: 10isSingleValued: TRUEschemaIdGuid: bf967a2d-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute searchGuideThis attribute specifies information of suggested search criteria that might be included in some entries that are expected to be a convenient base object for the search operation; for example, country/region or : Search-GuideldapDisplayName: searchGuideattributeId: 2.5.4.14attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: bf967a2e-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute secretaryThis attribute contains the distinguished name of the secretary for an : secretaryldapDisplayName: secretaryattributeId: 0.9.2342.19200300.100.1.21attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 01072d9a-98ad-4a53-9744-e83e287278fbsystemOnly: FALSEsearchFlags: 0showInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute seeAlsoThis attribute specifies the list of DNs related to an : See-AlsoldapDisplayName: seeAlsoattributeId: 2.5.4.34attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: bf967a31-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute serialNumberThis attribute is part of the X.500 specification [X500].cn: Serial-NumberldapDisplayName: serialNumberattributeId: 2.5.4.5attributeSyntax: 2.5.5.5omSyntax: 19isSingleValued: FALSEschemaIdGuid: bf967a32-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute serverReferenceThis attribute specifies a site computer object. The attribute is not necessary for Active Directory Lightweight Directory Services to function. The protocol does not define a format beyond that required by the : Server-ReferenceldapDisplayName: serverReferenceattributeId: 1.2.840.113556.1.4.515attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 26d9736d-6070-11d1-a9c6-0000f80367c1systemOnly: FALSEsearchFlags: 0linkID: 94showInAdvancedViewOnly: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute serverReferenceBLThis attribute is the backlink attribute of serverReference, and it contains the DN of a server object under the sites folder. This attribute is not necessary for Active Directory Lightweight Directory Services to function. The protocol does not define a format beyond that required by the : Server-Reference-BLldapDisplayName: serverReferenceBLattributeId: 1.2.840.113556.1.4.516attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 26d9736e-6070-11d1-a9c6-0000f80367c1systemOnly: TRUEsearchFlags: 0linkID: 95systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute shellContextMenuThis attribute specifies the order number and GUID of the context menu for this : Shell-Context-MenuldapDisplayName: shellContextMenuattributeId: 1.2.840.113556.1.4.615attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 553fd039-f32e-11d0-b0bc-00c04fd8dca6systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute shellPropertyPagesThis attribute specifies the order number and GUID of property pages for managing Active Directory objects. These property pages can be accessed from the Windows shell. For more information, see the document "Extending the User Interface for Directory Objects" [MSDN-ExtUserIntDirObj].cn: Shell-Property-PagesldapDisplayName: shellPropertyPagesattributeId: 1.2.840.113556.1.4.563attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 52458039-ca6a-11d0-afff-0000f80367c1systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute showInAdvancedViewOnlyThis attribute is TRUE if the corresponding attribute is to be visible in the advanced mode of the : Show-In-Advanced-View-OnlyldapDisplayName: showInAdvancedViewOnlyattributeId: 1.2.840.113556.1.2.169attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: bf967984-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPY | fATTINDEXattributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cfsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute siteLinkListThis attribute specifies a list of site links that are associated with this : Site-Link-ListldapDisplayName: siteLinkListattributeId: 1.2.840.113556.1.4.822attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: d50c2cdd-8951-11d1-aebc-0000f80367c1systemOnly: FALSEsearchFlags: 0linkID: 142systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute siteListThis attribute specifies a list of sites that are connected to this link : Site-ListldapDisplayName: siteListattributeId: 1.2.840.113556.1.4.821attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: d50c2cdc-8951-11d1-aebc-0000f80367c1systemOnly: FALSEsearchFlags: 0linkID: 144systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute siteObjectThis attribute specifies the DN for the site to which this subnet : Site-ObjectldapDisplayName: siteObjectattributeId: 1.2.840.113556.1.4.512attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 3e10944c-c354-11d0-aff8-0000f80367c1systemOnly: FALSEsearchFlags: 0linkID: 46systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute siteObjectBLThis attribute is the backlink attribute of siteObject and contains the list of subnet objects that belong to a : Site-Object-BLldapDisplayName: siteObjectBLattributeId: 1.2.840.113556.1.4.513attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 3e10944d-c354-11d0-aff8-0000f80367c1systemOnly: TRUEsearchFlags: 0linkID: 47systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute siteServerThis attribute specifies the licensing master server for a given : Site-ServerldapDisplayName: siteServerattributeId: 1.2.840.113556.1.4.494attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 1be8f17c-a9ff-11d0-afe2-00c04fd930c9systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute snThis attribute contains the family or last name for a : SurnameldapDisplayName: snattributeId: 2.5.4.4attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967a41-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fANR | fATTINDEXrangeLower: 1rangeUpper: 64attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute sourceObjectGuidms-DS-Source-Object-Guidcn: ms-DS-Source-Object-GuidldapDisplayName: sourceObjectGuidattributeId: 1.2.840.113556.1.4.1885attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEsearchFlags: fATTINDEXVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute stThis attribute specifies the name of a user's state or : State-Or-Province-NameldapDisplayName: stattributeId: 2.5.4.8attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967a39-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPYrangeLower: 1rangeUpper: 128attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute streetThis attribute specifies the user's street : Street-AddressldapDisplayName: streetattributeId: 2.5.4.9attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967a3a-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: fCOPYrangeLower: 1rangeUpper: 1024attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute streetAddressThis attribute specifies the user's : AddressldapDisplayName: streetAddressattributeId: 1.2.840.113556.1.2.256attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: f0f8ff84-1191-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 1024attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute structuralObjectClassThis constructed attribute stores a list of classes contained in a class hierarchy, including abstract classes. This list contains dynamically linked auxiliary : Structural-Object-ClassldapDisplayName: structuralObjectClassattributeId: 2.5.21.9attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: 3860949f-f6a8-4b38-9950-81ecb6bc2982systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute subClassOfThis attribute specifies the parent class of a : Sub-Class-OfldapDisplayName: subClassOfattributeId: 1.2.840.113556.1.2.21attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: TRUEschemaIdGuid: bf967a3b-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute subRefsThis attribute specifies a list of subordinate references of a naming : Sub-RefsldapDisplayName: subRefsattributeId: 1.2.840.113556.1.2.7attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: bf967a3c-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute subSchemaSubEntryThis attribute specifies the DN for the location of the subschema object where a class or attribute is : SubSchemaSubEntryldapDisplayName: subSchemaSubEntryattributeId: 2.5.18.10attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: FALSEschemaIdGuid: 9a7ad94d-ca53-11d1-bbd0-0080c76670c0systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute superiorDNSRootThis system attribute is used for referrals : Superior-DNS-RootldapDisplayName: superiorDNSRootattributeId: 1.2.840.113556.1.4.532attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 5245801d-ca6a-11d0-afff-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute supplementalCredentialsThis attribute specifies stored credentials for use in authenticating. It provides the encrypted version of the user's password. This attribute is neither readable nor : Supplemental-CredentialsldapDisplayName: supplementalCredentialsattributeId: 1.2.840.113556.1.4.125attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: bf967a3f-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute systemAuxiliaryClassThis attribute specifies a list of auxiliary classes that cannot be modified by the : System-Auxiliary-ClassldapDisplayName: systemAuxiliaryClassattributeId: 1.2.840.113556.1.4.198attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: bf967a43-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute systemFlagsThis attribute specifies an integer value that contains flags that define additional properties of the : System-FlagsldapDisplayName: systemFlagsattributeId: 1.2.840.113556.1.4.375attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: e0fa1e62-9b45-11d0-afdd-00c04fd930c9systemOnly: TRUEsearchFlags: fPRESERVEONDELETEattributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute systemMayContainThis attribute specifies the list of optional attributes for a class. The list of attributes can only be modified by the Active Directory system [MS-ADOD].cn: System-May-ContainldapDisplayName: systemMayContainattributeId: 1.2.840.113556.1.4.196attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: bf967a44-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute systemMustContainThis attribute specifies the list of mandatory attributes for a class. These attributes have to be specified when an instance of the class is created. The list of attributes can be modified only by the Active Directory : System-Must-ContainldapDisplayName: systemMustContainattributeId: 1.2.840.113556.1.4.197attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: bf967a45-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute systemOnlyThis attribute is a Boolean value that specifies whether only Active Directory can modify the class. System-only classes can be created or deleted only by the directory system : System-OnlyldapDisplayName: systemOnlyattributeId: 1.2.840.113556.1.4.170attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: bf967a46-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute systemPossSuperiorsThis attribute specifies the list of classes that can contain this class. This list can only be modified by the Active Directory : System-Poss-SuperiorsldapDisplayName: systemPossSuperiorsattributeId: 1.2.840.113556.1.4.195attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: FALSEschemaIdGuid: bf967a47-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute telephoneNumberThis attribute specifies the primary telephone : Telephone-NumberldapDisplayName: telephoneNumberattributeId: 2.5.4.20attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967a49-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute teletexTerminalIdentifierThis attribute specifies the Teletex terminal identifier, and optionally parameters, for a Teletex terminal associated with an : Teletex-Terminal-IdentifierldapDisplayName: teletexTerminalIdentifierattributeId: 2.5.4.22attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: bf967a4a-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute telexNumberThis attribute specifies a list of alternate telex : Telex-NumberldapDisplayName: telexNumberattributeId: 2.5.4.21attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: bf967a4b-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 32attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute thumbnailLogoThis attribute specifies a BLOB containing a logo for this : LogoldapDisplayName: thumbnailLogoattributeId: 2.16.840.1.113730.3.1.36attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: bf9679a9-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 32767systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute thumbnailPhotoPicturecn: PictureldapDisplayName: thumbnailPhotoattributeId: 2.16.840.1.113730.3.1.35attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: 8d3bca50-1d7e-11d0-a081-00aa006c33edsystemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 102400attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute titleThis attribute contains the user's job title. This property is commonly used to indicate the formal job title, such as Senior Programmer, rather than occupational class, such as programmer. It is not typically used for suffix titles such as "Esq." or "DDS".cn: TitleldapDisplayName: titleattributeId: 2.5.4.12attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967a55-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 64attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute tokenGroupsThis computed attribute contains the list of SIDs due to a transitive group membership expansion operation on a given user or computer. Token groups cannot be retrieved if no global catalog is present to retrieve the transitive reverse : Token-GroupsldapDisplayName: tokenGroupsattributeId: 1.2.840.113556.1.4.1301attributeSyntax: 2.5.5.17omSyntax: 4isSingleValued: FALSEschemaIdGuid: b7c69e6d-2cc7-11d2-854e-00a0c983f608systemOnly: FALSEsearchFlags: 0attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute tombstoneLifetimeIf the Recycle Bin optional feature is not enabled, this attribute specifies the number of days before a deleted object is removed from the directory services. If the Recycle Bin optional feature is enabled, this attribute specifies the number of days before a recycled object is removed from the directory : Tombstone-LifetimeldapDisplayName: tombstoneLifetimeattributeId: 1.2.840.113556.1.2.54attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 16c3a860-1273-11d0-a060-00aa006c33edsystemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute transportAddressAttributeThis attribute specifies the name of the address type for the : Transport-Address-AttributeldapDisplayName: transportAddressAttributeattributeId: 1.2.840.113556.1.4.895attributeSyntax: 2.5.5.2omSyntax: 6isSingleValued: TRUEschemaIdGuid: c1dc867c-a261-11d1-b606-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute transportDLLNameThis attribute specifies the name of the DLL that will manage a : Transport-DLL-NameldapDisplayName: transportDLLNameattributeId: 1.2.840.113556.1.4.789attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 26d97372-6070-11d1-a9c6-0000f80367c1systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 1024systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute transportTypeThis attribute specifies the DN for a type of transport that is being used to connect sites together. This value can point to an IP or SMTP : Transport-TypeldapDisplayName: transportTypeattributeId: 1.2.840.113556.1.4.791attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: 26d97374-6070-11d1-a9c6-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute treatAsLeafThis attribute defines a flag for display specifiers (see the displaySpecifier class in section 3). Display specifiers that have this attribute set to true force the related class to be displayed as a leaf class even if it has : Treat-As-LeafldapDisplayName: treatAsLeafattributeId: 1.2.840.113556.1.4.806attributeSyntax: 2.5.5.8omSyntax: 1isSingleValued: TRUEschemaIdGuid: 8fd044e3-771f-11d1-aeae-0000f80367c1systemOnly: FALSEVersion-Specific Behavior: First implemented on Windows Server 2008.Attribute trustParentThis attribute specifies the parent in the Kerberos trust : Trust-ParentldapDisplayName: trustParentattributeId: 1.2.840.113556.1.4.471attributeSyntax: 2.5.5.1omSyntax: 127omObjectClass: 1.3.12.2.1011.28.0.714isSingleValued: TRUEschemaIdGuid: b000ea7a-a086-11d0-afdd-00c04fd930c9systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute uidThis attribute specifies the user : uidldapDisplayName: uidattributeId: 0.9.2342.19200300.100.1.1attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 0bb0fca0-1e89-429f-901a-1413894d9f59systemOnly: FALSEsearchFlags: fPRESERVEONDELETEattributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cfshowInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute unicodePwdThe password of the user in Windows NT one-way format (OWF). Windows 2000 uses the Windows NT OWF. This property is used only by the operating system. Note:?The clear password cannot be derived back from the OWF form of the : Unicode-PwdldapDisplayName: unicodePwdattributeId: 1.2.840.113556.1.4.90attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: TRUEschemaIdGuid: bf9679e1-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute uPNSuffixesThis attribute specifies the list of User-Principal-Name suffixes for a : UPN-SuffixesldapDisplayName: uPNSuffixesattributeId: 1.2.840.113556.1.4.890attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 032160bf-9824-11d1-aec0-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute urlThis attribute specifies a list of alternate : WWW-Page-OtherldapDisplayName: urlattributeId: 1.2.840.113556.1.4.749attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 9a9a0221-4a5b-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0attributeSecurityGuid: e45795b3-9455-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute userCertificateThis attribute contains the DER-encoded X509v3 certificates issued to the user ([RFC3280]).Note:?This property contains the public key certificates issued to this user by Microsoft Certificate : X509-CertldapDisplayName: userCertificateattributeId: 2.5.4.36attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: bf967a7f-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeUpper: 32768attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1isMemberOfPartialAttributeSet: TRUEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute userParametersThis attribute specifies the user's parameters and is set aside for use by applications. Microsoft products use this member to store user data that is specific to the individual : User-ParametersldapDisplayName: userParametersattributeId: 1.2.840.113556.1.4.138attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967a6d-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 0rangeUpper: 32767attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute userPasswordThis attribute specifies the user's password in UTF-8 format. This is a write-only : User-PasswordldapDisplayName: userPasswordattributeId: 2.5.4.35attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: bf967a6e-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 128systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute userPKCS12This attribute specifies PKCS #12 PFX PDU for exchange of personal identity : userPKCS12ldapDisplayName: userPKCS12attributeId: 2.16.840.1.113730.3.1.216attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: 23998ab5-70f8-4007-a4c1-a84a38311f9asystemOnly: FALSEsearchFlags: 0showInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute userPrincipalNameThis attribute contains the UPN that is an Internet-style logon name for a user, as specified in [RFC822]. The UPN is shorter than the DN and easier to remember.By convention, this attribute maps to the user email name. The value set for this attribute is equal to the length of the user's ID and the domain : User-Principal-NameldapDisplayName: userPrincipalNameattributeId: 1.2.840.113556.1.4.656attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: 28630ebb-41d5-11d1-a9c1-0000f80367c1systemOnly: FALSEsearchFlags: fATTINDEXrangeUpper: 1024attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute userSMIMECertificateThis attribute specifies a certificate distribution object or tagged : User-SMIME-CertificateldapDisplayName: userSMIMECertificateattributeId: 2.16.840.1.113730.3.140attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: e16a9db2-403c-11d1-a9c0-0000f80367c1systemOnly: FALSEsearchFlags: 0rangeUpper: 32768attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1isMemberOfPartialAttributeSet: TRUEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute uSNChangedThis attribute specifies an update sequence number (USN) value assigned by the local directory for the latest change, including : USN-ChangedldapDisplayName: uSNChangedattributeId: 1.2.840.113556.1.2.120attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: bf967a6f-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETE | fATTINDEXisMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute uSNCreatedThis attribute specifies a USN-Changed value that is assigned at object : USN-CreatedldapDisplayName: uSNCreatedattributeId: 1.2.840.113556.1.2.19attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: bf967a70-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: fPRESERVEONDELETE | fATTINDEXisMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute uSNDSALastObjRemovedThis attribute contains the USN for the last system object that was removed from a : USN-DSA-Last-Obj-RemovedldapDisplayName: uSNDSALastObjRemovedattributeId: 1.2.840.113556.1.2.267attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: bf967a71-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute USNIntersiteThis attribute specifies the USN for intersite : USN-IntersiteldapDisplayName: USNIntersiteattributeId: 1.2.840.113556.1.2.469attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: a8df7498-c5ea-11d1-bbcb-0080c76670c0systemOnly: FALSEsearchFlags: fATTINDEXsystemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute uSNLastObjRemThis attribute contains the USN for the last non-system object that was removed from a : USN-Last-Obj-RemldapDisplayName: uSNLastObjRemattributeId: 1.2.840.113556.1.2.121attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: bf967a73-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute uSNSourceThis attribute specifies the value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local : USN-SourceldapDisplayName: uSNSourceattributeId: 1.2.840.113556.1.4.896attributeSyntax: 2.5.5.16omSyntax: 65isSingleValued: TRUEschemaIdGuid: 167758ad-47f3-11d1-a9c3-0000f80367c1systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute validAccessesThis attribute specifies the type of access that is permitted with an extended : Valid-AccessesldapDisplayName: validAccessesattributeId: 1.2.840.113556.1.4.1356attributeSyntax: 2.5.5.9omSyntax: 2isSingleValued: TRUEschemaIdGuid: 4d2fa380-7f54-11d2-992a-0000f87a57d4systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute wbemPathThis attribute specifies references to objects in other ADSI : Wbem-PathldapDisplayName: wbemPathattributeId: 1.2.840.113556.1.4.301attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: FALSEschemaIdGuid: 244b2970-5abd-11d0-afd2-00c04fd930c9systemOnly: FALSEsearchFlags: 0systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute wellKnownObjectsThis attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name.Whenever the object is moved, the Active Directory system will automatically update the distinguished name portion of the Well-Known-Objects values that referred to the object.For information on well-known objects, well-known GUIDs, and their symbolic names, see [MS-ADTS] section 6.1.1.: Well-Known-ObjectsldapDisplayName: wellKnownObjectsattributeId: 1.2.840.113556.1.4.618attributeSyntax: 2.5.5.7omSyntax: 127omObjectClass: 1.2.840.113556.1.1.1.11isSingleValued: FALSEschemaIdGuid: 05308983-7688-11d1-aded-00c04fd8d5cdsystemOnly: TRUEsearchFlags: 0rangeLower: 16rangeUpper: 16isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute whenChangedThis attribute specifies the date when this object was last changed. This value is not replicated and exists in the global : When-ChangedldapDisplayName: whenChangedattributeId: 1.2.840.113556.1.2.3attributeSyntax: 2.5.5.11omSyntax: 24isSingleValued: TRUEschemaIdGuid: bf967a77-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATEDVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute whenCreatedThis attribute specifies the date when this object was created. This value is replicated and is in the global : When-CreatedldapDisplayName: whenCreatedattributeId: 1.2.840.113556.1.2.2attributeSyntax: 2.5.5.11omSyntax: 24isSingleValued: TRUEschemaIdGuid: bf967a78-0de6-11d0-a285-00aa003049e2systemOnly: TRUEsearchFlags: 0isMemberOfPartialAttributeSet: TRUEsystemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_REQ_PARTIAL_SET_MEMBERVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute wWWHomePageThis attribute specifies the primary web : WWW-Home-PageldapDisplayName: wWWHomePageattributeId: 1.2.840.113556.1.2.464attributeSyntax: 2.5.5.12omSyntax: 64isSingleValued: TRUEschemaIdGuid: bf967a7a-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 2048attributeSecurityGuid: e45795b3-9455-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute x121AddressThis attribute specifies the X.121 address for an object, as specified in [X121].cn: X121-AddressldapDisplayName: x121AddressattributeId: 2.5.4.24attributeSyntax: 2.5.5.6omSyntax: 18isSingleValued: FALSEschemaIdGuid: bf967a7b-0de6-11d0-a285-00aa003049e2systemOnly: FALSEsearchFlags: 0rangeLower: 1rangeUpper: 15attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Attribute x500uniqueIdentifierThis attribute is used to distinguish between objects when a DN has been reused. Note:?This is a different attribute type from both the "uid" and "uniqueIdentifier" : x500uniqueIdentifierldapDisplayName: x500uniqueIdentifierattributeId: 2.5.4.45attributeSyntax: 2.5.5.10omSyntax: 4isSingleValued: FALSEschemaIdGuid: d07da11f-8a3d-42b6-b0aa-76c962be719asystemOnly: FALSEsearchFlags: 0showInAdvancedViewOnly: FALSEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Classes XE "Schema - Active Directory Lightweight Directory Services:classes" XE "Classes" XE "Active Directory Lightweight Directory Services classes"The following sections specify the classes in the Active Directory Lightweight Directory Services schema.These sections normatively specify the schema definition of each class, as well as version-specific behavior of those schema definitions (such as when the class was added to the schema). As an aid to the reader, some of the sections also include informative notes about how the class can be used.Note:?In the following class definitions, "<SchemaNCDN>" is the DN of the schema NC. For more information, see [MS-ADTS] section 3.1.1.1.7.Note:?Lines of text in the class definitions that are excessively long have been "folded" in accordance with [RFC2849] Note 2.Class applicationSettingsThis is the base class for server-specific application : Application-SettingsldapDisplayName: applicationSettingsgovernsId: 1.2.840.113556.1.5.7000.49objectClassCategory: 2rdnAttId: cnsubClassOf: topsystemMayContain: msDS-SettingssystemPossSuperiors: serverschemaIdGuid: f780acc1-56f0-11d1-a9c6-0000f80367c1defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Application-Settings,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on Active Directory Application Mode (ADAM) and Windows Server 2008 operating system.Class applicationSiteSettingsThis class specifies the container that holds all site-specific : Application-Site-SettingsldapDisplayName: applicationSiteSettingsgovernsId: 1.2.840.113556.1.5.68objectClassCategory: 2rdnAttId: cnsubClassOf: topsystemPossSuperiors: siteschemaIdGuid: 19195a5c-6da0-11d0-afd3-00c04fd930c9defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Application-Site-Settings,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class attributeSchemaThis class defines an attribute object in the : Attribute-SchemaldapDisplayName: attributeSchemagovernsId: 1.2.840.113556.1.3.14objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: schemaIDGUID, oMSyntax, lDAPDisplayName, isSingleValued, cn, attributeSyntax, attributeIDsystemMayContain: systemOnly, searchFlags, schemaFlagsEx, rangeUpper, rangeLower, oMObjectClass, msDs-Schema-Extensions, msDS-IntId, linkID, isMemberOfPartialAttributeSet, isEphemeral, isDefunct, extendedCharsAllowed, classDisplayName, attributeSecurityGUIDsystemPossSuperiors: dMDschemaIdGuid: bf967a80-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Attribute-Schema,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class classSchemaThis class defines a class object in the : Class-SchemaldapDisplayName: classSchemagovernsId: 1.2.840.113556.1.3.13objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: subClassOf, schemaIDGUID, objectClassCategory, governsID, defaultObjectCategory, cnsystemMayContain: systemPossSuperiors, systemOnly, systemMustContain, systemMayContain, systemAuxiliaryClass, schemaFlagsEx, rDNAttID, possSuperiors, mustContain, msDs-Schema-Extensions, msDS-IntId, mayContain, lDAPDisplayName, isDefunct, defaultSecurityDescriptor, defaultHidingValue, classDisplayName, auxiliaryClasssystemPossSuperiors: dMDschemaIdGuid: bf967a83-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Class-Schema,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class configurationThis class is a container that holds the configuration information for a : ConfigurationldapDisplayName: configurationgovernsId: 1.2.840.113556.1.5.12objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: cnsystemMayContain: msDS-USNLastSyncSuccess, msDS-ReplAuthenticationModesystemPossSuperiors: domainDNSschemaIdGuid: bf967a87-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: TRUEdefaultObjectCategory: CN=Configuration,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class containerThis class is used to hold other : ContainerldapDisplayName: containergovernsId: 1.2.840.113556.1.3.23objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: cnsystemMayContain: schemaVersionpossSuperiors: msDS-AzScope, msDS-AzApplication, msDS-AzAdminManagersystemPossSuperiors: subnet, server, nTDSService, domainDNS, organization, configuration, container, organizationalUnitschemaIdGuid: bf967a8b-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Container,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class controlAccessRightThis class identifies an extended right that can be granted or revoked via an access control list (ACL).cn: Control-Access-RightldapDisplayName: controlAccessRightgovernsId: 1.2.840.113556.1.5.77objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: validAccesses, rightsGuid, localizationDisplayId, appliesTosystemPossSuperiors: containerschemaIdGuid: 8297931e-86d3-11d0-afda-00c04fd930c9defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Control-Access-Right,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class countryThis class specifies the country/region in the address of the user. This is the full : CountryldapDisplayName: countrygovernsId: 2.5.6.2objectClassCategory: 0rdnAttId: csubClassOf: topsystemMustContain: csystemMayContain: co, searchGuidesystemPossSuperiors: domainDNS, organizationschemaIdGuid: bf967a8c-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Country,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class crossRefThis class holds knowledge information about all directory service (DS) naming contexts and all external directories to which referrals can be : Cross-RefldapDisplayName: crossRefgovernsId: 1.2.840.113556.1.3.11objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: nCName, cnsystemMayContain: trustParent, superiorDNSRoot, rootTrust, nETBIOSName, msDS-Other-Settings, Enabled, msDS-SDReferenceDomain, msDS-Replication-Notify-Subsequent-DSA-Delay, msDS-Replication-Notify-First-DSA-Delay, msDS-NC-Replica-Locations, msDS-DnsRootAlias, msDS-Behavior-Version, dnsRootsystemPossSuperiors: crossRefContainerschemaIdGuid: bf967a8d-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Cross-Ref,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class crossRefContainerThis class holds cross-reference objects for all naming : Cross-Ref-ContainerldapDisplayName: crossRefContainergovernsId: 1.2.840.113556.1.5.7000.53objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: msDS-EnabledFeature, uPNSuffixes, msDS-UpdateScript, msDS-ExecuteScriptPassword, msDS-Behavior-VersionsystemPossSuperiors: configurationschemaIdGuid: ef9e60e0-56f7-11d1-a9c6-0000f80367c1defaultSecurityDescriptor: D:S:defaultHidingValue: FALSEsystemOnly: TRUEdefaultObjectCategory: CN=Cross-Ref-Container,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class displaySpecifierThis class describes the context menus and property pages to be used with an object in the : Display-SpecifierldapDisplayName: displaySpecifiergovernsId: 1.2.840.113556.1.5.84objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: treatAsLeaf, shellPropertyPages, shellContextMenu, scopeFlags, queryFilter, iconPath, extraColumns, creationWizard, createWizardExt, createDialog, contextMenu, classDisplayName, attributeDisplayNames, adminPropertyPages, adminMultiselectPropertyPages, adminContextMenusystemPossSuperiors: containerschemaIdGuid: e0fa1e8a-9b45-11d0-afdd-00c04fd930c9systemOnly: FALSEdefaultObjectCategory: CN=Display-Specifier,<SchemaNCDN>Version-Specific Behavior: First implemented on Windows Server 2008.Class dMDThis class specifies the Directory Management Domain. In Active Directory, this is the class that holds the : DMDldapDisplayName: dMDgovernsId: 1.2.840.113556.1.3.9objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: cnsystemMayContain: msDS-USNLastSyncSuccess, schemaUpdate, schemaInfo, prefixMap, msDs-Schema-Extensions, msDS-IntId, dmdNamesystemPossSuperiors: configurationschemaIdGuid: bf967a8f-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: TRUEdefaultObjectCategory: CN=DMD,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class domainThis class contains information about a : DomainldapDisplayName: domaingovernsId: 1.2.840.113556.1.5.66objectClassCategory: 2rdnAttId: dcsubClassOf: topsystemMustContain: dcsystemPossSuperiors: domain, organizationschemaIdGuid: 19195a5a-6da0-11d0-afd3-00c04fd930c9defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Domain-DNS,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class domainDNSThis class specifies a Windows NT operating system domain with DNS-based (DC=) : Domain-DNSldapDisplayName: domainDNSgovernsId: 1.2.840.113556.1.5.67objectClassCategory: 1rdnAttId: dcsubClassOf: domainsystemMayContain: msDS-EnabledFeature, msDS-USNLastSyncSuccess, msDS-Behavior-Version, msDS-AllowedDNSSuffixes, managedBysystemPossSuperiors: domainDNSschemaIdGuid: 19195a5b-6da0-11d0-afd3-00c04fd930c9defaultSecurityDescriptor: D:S:defaultHidingValue: FALSEsystemOnly: FALSEdefaultObjectCategory: CN=Domain-DNS,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class dSUISettingsThis class is used to store configuration settings used by the Active Directory Users and Computers snap-: DS-UI-SettingsldapDisplayName: dSUISettingsgovernsId: 1.2.840.113556.1.5.183objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: msDS-Security-Group-Extra-Classes, msDS-Non-Security-Group-Extra-Classes, msDS-FilterContainers, dSUIShellMaximum, dSUIAdminNotification, dSUIAdminMaximumsystemPossSuperiors: containerschemaIdGuid: 09b10f14-6f93-11d2-9905-0000f87a57d4systemOnly: FALSEdefaultObjectCategory: CN=DS-UI-Settings,<SchemaNCDN>Version-Specific Behavior: First implemented on Windows Server 2008.Class dynamicObjectIf present in an entry, this class indicates that this entry has a limited lifetime and can disappear automatically when its time-to-live has reached 0. If the client has not supplied a value for the entryTtl attribute, the server will provide : Dynamic-ObjectldapDisplayName: dynamicObjectgovernsId: 1.3.6.1.4.1.1466.101.119.2objectClassCategory: 3rdnAttId: cnsubClassOf: topsystemMayContain: msDS-Entry-Time-To-Die, entryTTLschemaIdGuid: 66d51249-3355-4c1f-b24e-81f252aca23bdefaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Dynamic-Object,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class foreignSecurityPrincipalThis class specifies the security principal from an external : Foreign-Security-PrincipalldapDisplayName: foreignSecurityPrincipalgovernsId: 1.2.840.113556.1.5.76objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: objectSidsystemPossSuperiors: containerschemaIdGuid: 89e31c12-8530-11d0-afda-00c04fd930c9defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Foreign-Security-Principal,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class groupThis class stores a list of user names. Used to apply security principals on : GroupldapDisplayName: groupgovernsId: 1.2.840.113556.1.5.8objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemAuxiliaryClass: securityPrincipalsystemMustContain: groupTypemayContain: msDS-AzGenericData, msDS-AzObjectGuid, msDS-AzApplicationData, msDS-AzLastImportedBizRulePath, msDS-AzBizRuleLanguage, msDS-AzBizRule, msDS-AzLDAPQuerysystemMayContain: msDS-NonMembers, primaryGroupToken, member, managedBy, desktopProfilepossSuperiors: msDS-AzScope, msDS-AzApplication, msDS-AzAdminManagersystemPossSuperiors: container, organizationalUnit, domainDNSschemaIdGuid: bf967a9c-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: FALSEsystemOnly: FALSEdefaultObjectCategory: CN=Group,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class groupOfNamesGroup-Of-Namescn: Group-Of-NamesldapDisplayName: groupOfNamesgovernsId: 2.5.6.9objectClassCategory: 0rdnAttId: cnsubClassOf: topsystemMustContain: cnsystemMayContain: member, businessCategory, o, ou, owner, seeAlsosystemPossSuperiors: container, organization, locality, organizationalUnitschemaIdGuid: bf967a9d-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Group-Of-Names,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class inetOrgPersonThis class represents people who are associated with an organization in some : inetOrgPersonldapDisplayName: inetOrgPersongovernsId: 2.16.840.1.113730.3.2.2objectClassCategory: 1rdnAttId: cnsubClassOf: usermayContain: audio, businessCategory, carLicense, departmentNumber, displayName, employeeNumber, employeeType, givenName, homePhone, homePostalAddress, initials, jpegPhoto, labeledURI, mail, manager, mobile, o, pager, photo, preferredLanguage, roomNumber, secretary, uid, userCertificate, userPKCS12, userSMIMECertificate, x500uniqueIdentifierpossSuperiors: container, organizationalUnit, domainDNSschemaIdGuid: 4828cc14-1437-45bc-9b07-ad6f015e5f28defaultSecurityDescriptor: D:(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)S:showInAdvancedViewOnly: FALSEdefaultHidingValue: FALSEsystemOnly: FALSEdefaultObjectCategory: CN=Person,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class interSiteTransportThis class specifies an optional attribute of nTDSConnection objects. If present, it holds the DN of an interSiteTransport object in the CN=Inter-Site Transports,CN=Sites,CN=Configuration,... : Inter-Site-TransportldapDisplayName: interSiteTransportgovernsId: 1.2.840.113556.1.5.141objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: transportDLLName, transportAddressAttributesystemMayContain: replInterval, optionssystemPossSuperiors: interSiteTransportContainerschemaIdGuid: 26d97376-6070-11d1-a9c6-0000f80367c1defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Inter-Site-Transport,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class interSiteTransportContainerThis class holds Inter-Site-Transport : Inter-Site-Transport-ContainerldapDisplayName: interSiteTransportContainergovernsId: 1.2.840.113556.1.5.140objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemPossSuperiors: sitesContainerschemaIdGuid: 26d97375-6070-11d1-a9c6-0000f80367c1defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Inter-Site-Transport-Container,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class leafThis class is the base class for leaf : LeafldapDisplayName: leafgovernsId: 1.2.840.113556.1.5.20objectClassCategory: 2rdnAttId: cnsubClassOf: topschemaIdGuid: bf967a9e-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Leaf,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class localityThis class contains a locality, such as a street address, city, and : LocalityldapDisplayName: localitygovernsId: 2.5.6.3objectClassCategory: 1rdnAttId: lsubClassOf: topsystemMustContain: lsystemMayContain: street, st, seeAlso, searchGuidesystemPossSuperiors: domainDNS, country, organizationalUnit, organization, localityschemaIdGuid: bf967aa0-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: FALSEsystemOnly: FALSEdefaultObjectCategory: CN=Locality,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class lostAndFoundThis class is a special container for orphaned : Lost-And-FoundldapDisplayName: lostAndFoundgovernsId: 1.2.840.113556.1.5.139objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: moveTreeStatesystemPossSuperiors: configuration, domainDNS, dMDschemaIdGuid: 52ab8671-5709-11d1-a9c6-0000f80367c1defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Lost-And-Found,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class msDS-AzAdminManagerThis class specifies the root of Authorization Policy store : ms-DS-Az-Admin-ManagerldapDisplayName: msDS-AzAdminManagergovernsId: 1.2.840.113556.1.5.234objectClassCategory: 1rdnAttId: cnsubClassOf: topmayContain: msDS-AzGenericData, msDS-AzObjectGuidsystemMayContain: description, msDS-AzMinorVersion, msDS-AzMajorVersion, msDS-AzDomainTimeout, msDS-AzScriptEngineCacheMax, msDS-AzScriptTimeout, msDS-AzGenerateAudits, msDS-AzApplicationDatasystemPossSuperiors: container, organizationalUnit, domainDNSschemaIdGuid: cfee1051-5f28-4bae-a863-5d0cc18a8ed1defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Az-Admin-Manager,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class msDS-AzApplicationThis class defines an installed instance of an application that is bound to a particular policy : ms-DS-Az-ApplicationldapDisplayName: msDS-AzApplicationgovernsId: 1.2.840.113556.1.5.235objectClassCategory: 1rdnAttId: cnsubClassOf: topmayContain: msDS-AzGenericData, msDS-AzObjectGuidsystemMayContain: description, msDS-AzApplicationName, msDS-AzClassId, msDS-AzApplicationVersion, msDS-AzGenerateAudits, msDS-AzApplicationDatasystemPossSuperiors: msDS-AzAdminManagerschemaIdGuid: ddf8de9b-cba5-4e12-842e-28d8b66f75ecdefaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Az-Application,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class msDS-AzOperationThis class describes a particular operation supported by an : ms-DS-Az-OperationldapDisplayName: msDS-AzOperationgovernsId: 1.2.840.113556.1.5.236objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: msDS-AzOperationIDmayContain: msDS-AzGenericData, msDS-AzObjectGuidsystemMayContain: description, msDS-AzApplicationDatasystemPossSuperiors: container, msDS-AzApplicationschemaIdGuid: 860abe37-9a9b-4fa4-b3d2-b8ace5df9ec5defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Az-Operation,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class msDS-AzRoleThis class defines a set of operations that can be performed by a particular set of users within a particular : ms-DS-Az-RoleldapDisplayName: msDS-AzRolegovernsId: 1.2.840.113556.1.5.239objectClassCategory: 1rdnAttId: cnsubClassOf: topmayContain: msDS-AzGenericData, msDS-AzObjectGuidsystemMayContain: description, msDS-MembersForAzRole, msDS-OperationsForAzRole, msDS-TasksForAzRole, msDS-AzApplicationDatasystemPossSuperiors: container, msDS-AzApplication, msDS-AzScopeschemaIdGuid: 8213eac9-9d55-44dc-925c-e9a52b927644defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Az-Role,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class msDS-AzScopeThis class describes a set of objects that is managed by an : ms-DS-Az-ScopeldapDisplayName: msDS-AzScopegovernsId: 1.2.840.113556.1.5.237objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: msDS-AzScopeNamemayContain: msDS-AzGenericData, msDS-AzObjectGuidsystemMayContain: description, msDS-AzApplicationDatasystemPossSuperiors: msDS-AzApplicationschemaIdGuid: 4feae054-ce55-47bb-860e-5b12063a51dedefaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Az-Scope,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class msDS-AzTaskThis class describes a set of : ms-DS-Az-TaskldapDisplayName: msDS-AzTaskgovernsId: 1.2.840.113556.1.5.238objectClassCategory: 1rdnAttId: cnsubClassOf: topmayContain: msDS-AzGenericData, msDS-AzObjectGuidsystemMayContain: description, msDS-AzBizRule, msDS-AzBizRuleLanguage, msDS-AzLastImportedBizRulePath, msDS-AzTaskIsRoleDefinition, msDS-AzApplicationData, msDS-OperationsForAzTask, msDS-TasksForAzTasksystemPossSuperiors: container, msDS-AzApplication, msDS-AzScopeschemaIdGuid: 1ed3a473-9b1b-418a-bfa0-3a37b95a5306defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Az-Task,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class msDS-BindableObjectThis class specifies an auxiliary class to represent a bindable object. Any user-defined class that represents an entity that can be used to bind to the directory (that is, a user) includes this auxiliary : ms-DS-Bindable-ObjectldapDisplayName: msDS-BindableObjectgovernsId: 1.2.840.113556.1.5.244objectClassCategory: 3rdnAttId: cnsubClassOf: securityPrincipalsystemMayContain: lastLogonTimestamp, accountExpires, msDS-User-Account-Control-Computed, ms-DS-UserAccountAutoLocked, msDS-UserPasswordExpired, ms-DS-UserEncryptedTextPasswordAllowed, ms-DS-UserPasswordNotRequired, msDS-UserAccountDisabled, msDS-UserDontExpirePassword, ntPwdHistory, lockoutTime, badPwdCount, badPasswordTime, pwdLastSet, unicodePwdschemaIdGuid: 89f4a69f-4416-6b49-821d-6e3c4a0ff802defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Bindable-Object,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class msDS-BindProxyThis class specifies an auxiliary class to represent a bind proxy in AD LDS. A bind proxy references a Windows security principal via its objectSid attribute. When a user performs a simple bind against a bind-proxy object, the bind is redirected to the corresponding Windows : ms-DS-Bind-ProxyldapDisplayName: msDS-BindProxygovernsId: 1.2.840.113556.1.5.245objectClassCategory: 3rdnAttId: cnsubClassOf: topsystemMustContain: objectSidsystemMayContain: msDS-PrincipalNameschemaIdGuid: 717532ab-66e9-684d-a62b-8af1e3985e2fdefaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Bind-Proxy,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class msDS-OptionalFeatureThis class defines the configuration object for an optional : ms-DS-Optional-FeatureldapDisplayName: msDS-OptionalFeaturegovernsId: 1.2.840.113556.1.5.265objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: msDS-OptionalFeatureFlags, msDS-OptionalFeatureGUIDsystemMayContain: msDS-RequiredDomainBehaviorVersion, msDS-RequiredForestBehaviorVersionsystemPossSuperiors: containerschemaIdGuid: 44f00041-35af-468b-b20a-6ce8737c580bdefaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU) (A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;EA) (A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO) (A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY)defaultHidingValue: TRUEsystemOnly: TRUEdefaultObjectCategory: CN=ms-DS-Optional-Feature,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on Windows Server 2008 R2 operating system.Class msDS-QuotaContainerThis class specifies a special container that holds all quota specifications for the directory : ms-DS-Quota-ContainerldapDisplayName: msDS-QuotaContainergovernsId: 1.2.840.113556.1.5.242objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: cnsystemMayContain: msDS-TopQuotaUsage, msDS-QuotaUsed, msDS-QuotaEffective, msDS-TombstoneQuotaFactor, msDS-DefaultQuotasystemPossSuperiors: configuration, domainDNSschemaIdGuid: da83fc4f-076f-4aea-b4dc-8f4dab9b5993defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Quota-Container,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class msDS-QuotaControlThis class is used to represent quota specifications for the directory : ms-DS-Quota-ControlldapDisplayName: msDS-QuotaControlgovernsId: 1.2.840.113556.1.5.243objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: msDS-QuotaAmount, msDS-QuotaTrustee, cnsystemPossSuperiors: msDS-QuotaContainerschemaIdGuid: de91fc26-bd02-4b52-ae26-795999e96fc7defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Quota-Control,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class msDS-ServiceConnectionPointPublicationServiceThis class stores configuration options for the SCP publication service in AD : ms-DS-Service-Connection-Point-Publication-ServiceldapDisplayName: msDS-ServiceConnectionPointPublicationServicegovernsId: 1.2.840.113556.1.5.247objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: Enabled, msDS-SCPContainer, msDS-DisableForInstances, keywordssystemPossSuperiors: nTDSServiceschemaIdGuid: d33f5da6-b009-7e48-8268-b2305529e933defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: TRUEdefaultObjectCategory: CN=ms-DS-Service-Connection-Point-Publication-Service,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class nTDSConnectionThis class specifies a connection from a remote domain controller (DC).cn: NTDS-ConnectionldapDisplayName: nTDSConnectiongovernsId: 1.2.840.113556.1.5.71objectClassCategory: 1rdnAttId: cnsubClassOf: leafsystemMustContain: options, fromServer, enabledConnectionsystemMayContain: transportType, schedule, mS-DS-ReplicatesNCReason, generatedConnectionsystemPossSuperiors: nTDSDSAschemaIdGuid: 19195a60-6da0-11d0-afd3-00c04fd930c9defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=NTDS-Connection,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class nTDSDSAThis class represents the Active Directory DSA process on the : NTDS-DSAldapDisplayName: nTDSDSAgovernsId: 1.2.840.113556.1.5.7000.47objectClassCategory: 1rdnAttId: cnsubClassOf: applicationSettingssystemMayContain: msDS-DefaultNamingContext, serverReference, msDS-RetiredReplNCSignatures, retiredReplDSASignatures, queryPolicyObject, options, networkAddress, msDS-ServiceAccount, msDS-ServiceAccountDNSDomain, msDS-PortSSL, msDS-PortLDAP, msDS-ReplicationEpoch, msDS-HasInstantiatedNCs, msDS-hasMasterNCs, msDS-HasDomainNCs, msDS-Behavior-Version, managedBy, lastBackupRestorationTime, invocationId, hasPartialReplicaNCs, hasMasterNCs, dMDLocation, msDS-EnabledFeaturesystemPossSuperiors: organization, serverschemaIdGuid: f0f8ffab-1191-11d0-a060-00aa006c33eddefaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: TRUEdefaultObjectCategory: CN=NTDS-DSA,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class nTDSServiceThis class is used for an NTDS services object, which contains information about the configuration of the directory service forest. This object is kept in the CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,... : NTDS-ServiceldapDisplayName: nTDSServicegovernsId: 1.2.840.113556.1.5.72objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: msDS-DeletedObjectLifetime, tombstoneLifetime, replTopologyStayOfExecution, msDS-Other-Settings, garbageCollPeriod, dSHeuristicssystemPossSuperiors: containerschemaIdGuid: 19195a5f-6da0-11d0-afd3-00c04fd930c9defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=NTDS-Service,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class nTDSSiteSettingsThis class specifies a container for holding all Active Directory site-specific : NTDS-Site-SettingsldapDisplayName: nTDSSiteSettingsgovernsId: 1.2.840.113556.1.5.69objectClassCategory: 1rdnAttId: cnsubClassOf: applicationSiteSettingssystemMayContain: schedule, queryPolicyObject, options, msDS-Preferred-GC-Site, managedBy, interSiteTopologyRenew, interSiteTopologyGenerator, interSiteTopologyFailoversystemPossSuperiors: siteschemaIdGuid: 19195a5d-6da0-11d0-afd3-00c04fd930c9defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=NTDS-Site-Settings,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class organizationalPersonThis class is used for objects that contain organizational information about a user, such as the employee number, department, manager, title, and office : Organizational-PersonldapDisplayName: organizationalPersongovernsId: 2.5.6.7objectClassCategory: 0rdnAttId: cnsubClassOf: personmayContain: homePostalAddress, houseIdentifiersystemMayContain: streetAddress, assistant, company, countryCode, c, department, destinationIndicator, division, mail, employeeID, facsimileTelephoneNumber, generationQualifier, givenName, initials, internationalISDNNumber, l, thumbnailLogo, manager, o, ou, middleName, personalTitle, otherFacsimileTelephoneNumber, homePhone, otherHomePhone, otherIpPhone, ipPhone, primaryInternationalISDNNumber, otherMobile, mobile, otherTelephone, otherPager, pager, physicalDeliveryOfficeName, thumbnailPhoto, postOfficeBox, postalAddress, postalCode, preferredDeliveryMethod, registeredAddress, st, street, teletexTerminalIdentifier, telexNumber, primaryTelexNumber, co, title, comment, x121AddresssystemPossSuperiors: container, organization, organizationalUnitschemaIdGuid: bf967aa4-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Person,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class organizationThis class stores information about a company or : OrganizationldapDisplayName: organizationgovernsId: 2.5.6.4objectClassCategory: 1rdnAttId: osubClassOf: topsystemMustContain: osystemMayContain: x121Address, userPassword, telexNumber, teletexTerminalIdentifier, telephoneNumber, street, st, seeAlso, searchGuide, registeredAddress, preferredDeliveryMethod, postalCode, postalAddress, postOfficeBox, physicalDeliveryOfficeName, l, internationalISDNNumber, facsimileTelephoneNumber, destinationIndicator, businessCategorysystemPossSuperiors: locality, country, domainDNSschemaIdGuid: bf967aa3-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: FALSEsystemOnly: FALSEdefaultObjectCategory: CN=Organization,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class organizationalUnitThis class specifies a container for storing users, computers, and other account : Organizational-UnitldapDisplayName: organizationalUnitgovernsId: 2.5.6.5objectClassCategory: 1rdnAttId: ousubClassOf: topsystemMustContain: ousystemMayContain: x121Address, userPassword, uPNSuffixes, co, telexNumber, teletexTerminalIdentifier, telephoneNumber, street, st, seeAlso, searchGuide, registeredAddress, preferredDeliveryMethod, postalCode, postalAddress, postOfficeBox, physicalDeliveryOfficeName, managedBy, thumbnailLogo, l, internationalISDNNumber, facsimileTelephoneNumber, destinationIndicator, desktopProfile, defaultGroup, countryCode, c, businessCategorysystemPossSuperiors: country, organization, organizationalUnit, domainDNSschemaIdGuid: bf967aa5-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: FALSEsystemOnly: FALSEdefaultObjectCategory: CN=Organizational-Unit,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class personThis class contains personal information about a : PersonldapDisplayName: persongovernsId: 2.5.6.6objectClassCategory: 0rdnAttId: cnsubClassOf: topsystemMustContain: cnmayContain: attributeCertificateAttributesystemMayContain: seeAlso, serialNumber, sn, telephoneNumber, userPasswordsystemPossSuperiors: container, organizationalUnitschemaIdGuid: bf967aa7-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Person,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class queryPolicyThis class holds administrative limits for LDAP server resources for sorted and paged : Query-PolicyldapDisplayName: queryPolicygovernsId: 1.2.840.113556.1.5.106objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: lDAPIPDenyList, lDAPAdminLimitssystemPossSuperiors: containerschemaIdGuid: 83cc7075-cca7-11d0-afff-0000f80367c1defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Query-Policy,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class securityPrincipalThis class contains the security information for an : Security-PrincipalldapDisplayName: securityPrincipalgovernsId: 1.2.840.113556.1.5.6objectClassCategory: 3rdnAttId: cnsubClassOf: topsystemMustContain: objectSidsystemMayContain: supplementalCredentials, tokenGroups, nTSecurityDescriptorschemaIdGuid: bf967ab0-0de6-11d0-a285-00aa003049e2defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Security-Principal,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class serverThis class represents a server computer within a : ServerldapDisplayName: servergovernsId: 1.2.840.113556.1.5.17objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: mailAddress, serverReference, managedBy, nETBIOSName, dNSHostName, bridgeheadTransportListsystemPossSuperiors: serversContainerschemaIdGuid: bf967a92-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Server,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class serversContainerThis class holds server objects within a : Servers-ContainerldapDisplayName: serversContainergovernsId: 1.2.840.113556.1.5.7000.48objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemPossSuperiors: siteschemaIdGuid: f780acc0-56f0-11d1-a9c6-0000f80367c1defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Servers-Container,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class siteThis class specifies a container for storing server objects. This class represents a physical location containing computers; it is used to manage : SiteldapDisplayName: sitegovernsId: 1.2.840.113556.1.5.31objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: msDS-BridgeHeadServersUsed, notificationList, managedBy, locationsystemPossSuperiors: sitesContainerschemaIdGuid: bf967ab3-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Site,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class siteLinkThis object represents the connection between two : Site-LinkldapDisplayName: siteLinkgovernsId: 1.2.840.113556.1.5.147objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: siteListsystemMayContain: schedule, replInterval, options, costsystemPossSuperiors: interSiteTransportschemaIdGuid: d50c2cde-8951-11d1-aebc-0000f80367c1defaultSecurityDescriptor: D:S:defaultHidingValue: FALSEsystemOnly: FALSEdefaultObjectCategory: CN=Site-Link,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class siteLinkBridgeThis class specifies an object for tracking the site links that are transitively : Site-Link-BridgeldapDisplayName: siteLinkBridgegovernsId: 1.2.840.113556.1.5.148objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMustContain: siteLinkListsystemPossSuperiors: interSiteTransportschemaIdGuid: d50c2cdf-8951-11d1-aebc-0000f80367c1defaultSecurityDescriptor: D:S:defaultHidingValue: FALSEsystemOnly: FALSEdefaultObjectCategory: CN=Site-Link-Bridge,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class sitesContainerThis class specifies a container for storing site objects. Located in the configuration naming : Sites-ContainerldapDisplayName: sitesContainergovernsId: 1.2.840.113556.1.5.107objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemPossSuperiors: configurationschemaIdGuid: 7a4117da-cd67-11d0-afff-0000f80367c1defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Sites-Container,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class subnetThis class represents a specific subnet in the network to which servers and workstations are : SubnetldapDisplayName: subnetgovernsId: 1.2.840.113556.1.5.96objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: siteObject, locationsystemPossSuperiors: subnetContainerschemaIdGuid: b7b13124-b82e-11d0-afee-0000f80367c1defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Subnet,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class subnetContainerThis class specifies a container for holding all subnet : Subnet-ContainerldapDisplayName: subnetContainergovernsId: 1.2.840.113556.1.5.95objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemPossSuperiors: sitesContainerschemaIdGuid: b7b13125-b82e-11d0-afee-0000f80367c1defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=Subnet-Container,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class subSchemaThis class contains the schema : SubSchemaldapDisplayName: subSchemagovernsId: 2.5.20.1objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemMayContain: objectClasses, modifyTimeStamp, extendedClassInfo, extendedAttributeInfo, dITContentRules, attributeTypessystemPossSuperiors: dMDschemaIdGuid: 5a8b3261-c38d-11d1-bbc9-0080c76670c0defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: TRUEdefaultObjectCategory: CN=SubSchema,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_DOMAIN_DISALLOW_RENAMEVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class syncEngineAuxConfigurationms-DS-Sync-Engine-Aux-Configurationcn: ms-DS-Sync-Engine-Aux-ConfigurationldapDisplayName: syncEngineAuxConfigurationgovernsId: 1.2.840.113556.1.4.1891objectClassCategory: 3rdnAttId: cnsubClassOf: topsystemMayContain: configurationFilesystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Sync-Engine-Aux-Configuration, <SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class syncEngineAuxObjectms-DS-Sync-Engine-Aux-Objectcn: ms-DS-Sync-Engine-Aux-ObjectldapDisplayName: syncEngineAuxObjectgovernsId: 1.2.840.113556.1.4.1890objectClassCategory: 3rdnAttId: cnsubClassOf: topsystemMayContain: nonIndexedMetadata, lastAgedChange, configurationFileGuid, sourceObjectGuidsystemOnly: FALSEdefaultObjectCategory: CN=ms-DS-Sync-Engine-Aux-Object,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class topThis class is the top-level class from which all classes are : TopldapDisplayName: topgovernsId: 2.5.6.0objectClassCategory: 2rdnAttId: cnsubClassOf: topsystemMustContain: objectClass, objectCategory, nTSecurityDescriptor, instanceTypemayContain: directReports, ownerBL, msDS-TasksForAzRoleBL, msDS-OperationsForAzRoleBL, msDS-TasksForAzTaskBL, msDS-OperationsForAzTaskBLsystemMayContain: msDS-EnabledFeatureBL, msDS-LastKnownRDN, msDS-LocalEffectiveRecycleTime, msDS-LocalEffectiveDeletionTime, isRecycled, url, wWWHomePage, whenCreated, whenChanged, wellKnownObjects, wbemPath, uSNSource, uSNLastObjRem, USNIntersite, uSNDSALastObjRemoved, uSNCreated, uSNChanged, systemFlags, subSchemaSubEntry, subRefs, structuralObjectClass, siteObjectBL, serverReferenceBL, sDRightsEffective, revision, repsTo, repsFrom, replUpToDateVector, replPropertyMetaData, name, queryPolicyBL, proxyAddresses, proxiedObjectName, possibleInferiors, partialAttributeSet, partialAttributeDeletionList, otherWellKnownObjects, objectVersion, objectGUID, distinguishedName, msDS-DisableForInstancesBL, msDS-ServiceAccountBL, msDS-ReplValueMetaData, msDS-ReplAttributeMetaData, msDS-NCReplOutboundNeighbors, msDS-NCReplInboundNeighbors, msDS-NCReplCursors, msDS-NonMembersBL, msDS-MembersForAzRoleBL, msDs-masteredBy, msDS-DefaultNamingContextBL, mS-DS-ConsistencyGuid, mS-DS-ConsistencyChildCount, msDS-Approx-Immed-Subordinates, modifyTimeStamp, masteredBy, managedObjects, lastKnownParent, memberOf, isDeleted, isCriticalSystemObject, showInAdvancedViewOnly, fSMORoleOwner, fromEntry, dSASignature, dSCorePropagationData, displayName, description, createTimeStamp, cn, canonicalName, bridgeheadServerListBL, allowedChildClassesEffective, allowedChildClasses, allowedAttributesEffective, allowedAttributes, adminDisplayName, adminDescription, msds-memberOfTransitive, msds-memberTransitive, msDS-parentdistname, msDS-ReplValueMetaDataExtsystemPossSuperiors: lostAndFoundschemaIdGuid: bf967ab7-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:S:defaultHidingValue: TRUEsystemOnly: TRUEdefaultObjectCategory: CN=Top,<SchemaNCDN>systemFlags: FLAG_SCHEMA_BASE_OBJECTVersion-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class userProxyThis class is the sample class for bind proxy : User-ProxyldapDisplayName: userProxygovernsId: 1.2.840.113556.1.5.246objectClassCategory: 1rdnAttId: cnsubClassOf: topsystemAuxiliaryClass: msDS-BindProxysystemMayContain: userPrincipalNamepossSuperiors: organization, container, organizationalUnit, domainDNSschemaIdGuid: 60d6186f-f3b6-4898-b0ad-6535afc07620defaultSecurityDescriptor: D:(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)S:defaultHidingValue: TRUEsystemOnly: FALSEdefaultObjectCategory: CN=User-Proxy,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class userProxyFullThis class is the sample user proxy class with the same properties as the native user : User-Proxy-FullldapDisplayName: userProxyFullgovernsId: 1.2.840.113556.1.5.248objectClassCategory: 1rdnAttId: cnsubClassOf: organizationalPersonsystemAuxiliaryClass: msDS-BindProxymayContain: audio, carLicense, departmentNumber, displayName, employeeNumber, employeeType, givenName, homePostalAddress, jpegPhoto, labeledURI, photo, preferredLanguage, roomNumber, secretary, uid, userPKCS12, userSMIMECertificate, x500uniqueIdentifiersystemMayContain: defaultClassStore, dynamicLDAPServer, lastLogonTimestamp, preferredOU, userParameters, userPrincipalName, userCertificate, businessCategory, homePhone, initials, mail, manager, mobile, o, pagersystemPossSuperiors: domainDNS, organizationalUnitschemaIdGuid: 2210527a-eb01-4ff0-b883-186f40a92979defaultSecurityDescriptor: D:(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)S:defaultHidingValue: FALSEsystemOnly: FALSEdefaultObjectCategory: CN=Person,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Class userThis class is used to store information about an employee or contractor who works for an organization. It is also possible to apply this class to long-term : UserldapDisplayName: usergovernsId: 1.2.840.113556.1.5.9objectClassCategory: 1rdnAttId: cnsubClassOf: organizationalPersonsystemAuxiliaryClass: msDS-BindableObject, securityPrincipalmayContain: audio, carLicense, departmentNumber, displayName, employeeNumber, employeeType, givenName, homePostalAddress, jpegPhoto, labeledURI, photo, preferredLanguage, roomNumber, secretary, uid, userPKCS12, userSMIMECertificate, x500uniqueIdentifiersystemMayContain: defaultClassStore, dynamicLDAPServer, lastLogonTimestamp, preferredOU, userParameters, userPrincipalName, userCertificate, businessCategory, homePhone, initials, mail, manager, mobile, o, pagersystemPossSuperiors: domainDNS, organizationalUnitschemaIdGuid: bf967aba-0de6-11d0-a285-00aa003049e2defaultSecurityDescriptor: D:(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)S:defaultHidingValue: FALSEsystemOnly: FALSEdefaultObjectCategory: CN=Person,<SchemaNCDN>Version-Specific Behavior: First implemented on ADAM and Windows Server 2008.Change Tracking XE "Change tracking" XE "Tracking changes" This section identifies changes that were made to this document since the last release. Changes are classified as Major, Minor, or None. The revision class Major means that the technical content in the document was significantly revised. Major changes affect protocol interoperability or implementation. Examples of major changes are:A document revision that incorporates changes to interoperability requirements.A document revision that captures changes to protocol functionality.The revision class Minor means that the meaning of the technical content was clarified. Minor changes do not affect protocol interoperability or implementation. Examples of minor changes are updates to clarify ambiguity at the sentence, paragraph, or table level.The revision class None means that no new technical changes were introduced. Minor editorial and formatting changes may have been made, but the relevant technical content is identical to the last released version.The changes made to this document are listed in the following table. For more information, please contact dochelp@.SectionDescriptionRevision class1 IntroductionAdded a reference to [MS-ADTS] for the list of applicable products.MinorIndexAActive Directory Lightweight Directory Services attributes PAGEREF section_4f7e79ad460646429b5645061fab4e1215Active Directory Lightweight Directory Services classes PAGEREF section_5861c869e6b14b9ea87349f553408a3c144Attributes PAGEREF section_4f7e79ad460646429b5645061fab4e1215CChange tracking PAGEREF section_b96a8643443e4b7a967e5ecfc65c3268169Classes PAGEREF section_5861c869e6b14b9ea87349f553408a3c144IIntroduction PAGEREF section_4ea2d10cbe4146979669f5478af78a0613SSchema - Active Directory Lightweight Directory Services attributes PAGEREF section_4f7e79ad460646429b5645061fab4e1215 classes PAGEREF section_5861c869e6b14b9ea87349f553408a3c144TTracking changes PAGEREF section_b96a8643443e4b7a967e5ecfc65c3268169 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

To fulfill the demand for quickly locating and searching documents.

It is intelligent file search solution for home and business.

Literature Lottery

Introduction - Microsoft

To fulfill the demand for quickly locating and searching documents.

Related download

Related searches